Skip to main content
close search
site logo

Dallas ransomware attack causes critical service outages

Websites for the city and its police department, which serves a population of nearly 1.3 million people, currently return 503 error pages.

Published May 4, 2023
Matt Kapko's headshot
Senior Reporter
City skyline
Aerial view of Dallas, Texas, in 2019 RoschetzkyIstockPhoto via Getty Images

Dallas, the ninth-most populated city in the U.S., is responding and attempting to recover from a ransomware attack that shut down multiple critical systems, including websites for the police department and city hall.

The city continues to receive and dispatch emergency 911 calls, and service from police and fire remain unaffected, Dallas said in a statement issued Wednesday night.

Court was closed Wednesday and will be closed Thursday as well. “Currently less than 200 of the city’s thousands of devices are impacted, but if any city device is at risk it will be quarantined and blocked by information and technology services,” the city said in the statement.

The website for city hall forwards to a sparse landing page that reads “the city is experiencing a service outage and is working to restore services.” The page includes a link to the city’s Twitter account for up-to-date information, but there’s no mention of the attack or outage on Twitter as of Thursday morning.

The city’s monitoring tools alerted the security operations center to a likely ransomware attack on Wednesday morning. “Subsequently, the city has confirmed that a number of servers have been compromised with ransomware, impacting several functional areas, including the Dallas Police Department website,” the city said in a statement.

Websites for the city and the Dallas Police Department, which serves a population of nearly 1.3 million people, currently returns a 503 error page.

“The city team, along with its vendors are actively working to isolate the ransomware to prevent its spread, to remove the ransomware from infected servers and to restore any services currently impacted,” the spokesperson said.

Emsisoft threat analyst Brett Callow shared a screenshot indicating the Royal ransomware group claimed responsibility for the attack. The FBI and Cybersecurity and Infrastructure Security Agency issued an advisory about the threat actor in March.

At least 29 local U.S. governments have been impacted by ransomware attacks this year, and data was stolen in at least 16 of those cases, according to Callow.

Dallas may be the largest city to have had a ransomware incident that has become knowledge,” Callow told Cybersecurity Dive via email. “The fact that police systems have been impacted is a concern, as it raises the question of whether data was exfiltrated from those systems. That could potentially impact investigations and prosecutions or even put lives at risk.”

Filed Under: Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attac…
From Traceable AI
October 30, 2024
CUSO Financial Services, LP Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Mystic Valley Elder Services Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell