Dallas county:Data of 200,000 exposed in 2023 ransomware attacks:cyber attack 2024:wiz cybersecurity stock:cybersecurity startup wiz:google wiz:consulting radiologists data breach:at&t data breach 2024 what to do:att data accident:disney data breach:cyber attack news day:microsoft cyber attack

Dallas County is notifying more than 200,000 people that Play ransomware attack which happened in October 2023 exposed their personal information to cybercriminals.

Dallas County is 2nd mega county in Texas with more than 2.6 million residents.

In October 2023 the Play ransomware gang added Dallas to its extortion portal on dark wen threatening to leak data it stole during an attack on its systems including private  data from multiple departments.

Dallas County posted an update about incident on its website and sent data breach notices to 201,404 suffered individuals including employees, Dallas residents and others who interacted with its public services.

The leaked data review took lot of time and people were concerned.

Dallas set up a call center in January 2024.

Dallas acknowledge the incident through a statement on its site few days later.

The type of data confirmed to have exposed vary per individual and include following:

• Health insurance information
• Full name
• Social Security number SSN
• Date of birth
• Driver’s license
• State Identification number
• Taxpayer identification number

Those whose SSNs and taxpayer identification number were exposed will get two years of credit monitoring

and identity theft protection services.

Dallas County and City of Dallas have both deal with various damaging cybersecurity incident recently.

In May 2023 the City of Dallas suffered a breach from Royal ransomware which forced it to take offline parts of its IT infrastructure including police communications.

In November 2023 a Dallas County employee fell victim to social engineering attack by business email compromise scammers and sent a fraudulent payment of $2,400,000.

BleepingComputer learned at time that Royal was printing ransom notices on City printers which had fallen under attackers control.

It was later establish that Royal operators leverage stolen account credentials to maintain access to compromise systems between April 7 and May during which they exfiltrated more than ITB of data.