Ransomware attack on TAD breached information for about 300 people, officials says

An investigation by the Tarrant Appraisal District determined sensitive information for 300 or fewer people has been effected by a ransomware attack, the agency said in a statement Wednesday.

“It has been determined that there was unauthorized access to our network, which has resulted in the potential exposure of a small amount of personal information,” the statement said.

The statement also said TAD will notify those impacted “as soon as possible.”

The ransomware attack took place March 21 by the hacking group Medusa.

On March 25, the district’s legal council announced at an emergency meeting that the hackers were asking for $700,000.

Appraisal district board chair Vince Puente told the Fort Worth Report that the district is in communication with Medusa.

Medusa, the group suspected of the attack, has previously used extortion and the threat of selling sensitive information on the dark web as a tactic to negotiate, according to the U.S. Cybersecurity & Infrastructure Security Agency.

The appraisal district’s chief appraiser, Joe Don Bobbitt told the Star-Telegram last week that a majority of the data the district keeps on file is “sales data” and property details such as square footage, tax deeds or the year a property was sold — almost all of it public information.

A spokesperson for the district said Social Security numbers are not among data collected by the district and only on rare occasion are driver’s licenses kept on file.

In the statement put out Wednesday, TAD offered information on how to freeze a credit card or report fraud.

Many function’s of the appraisal distict’s website are still offline.

The district sets property appraisals and administers exemptions for tax purposes.