A ransomware attack on the Tarrant Appraisal District database in March was the one topic on everyone’s mind at the body’s emergency meeting on April 1.
During the public comment component of the meeting, board member Vince Puente said that the “singular purpose [of today’s meeting] is to address the ransomware attack.”
Numerous concerned citizens and candidates for office spoke to the board about their concerns, which ranged from the costs incurred from the attack to what produced the vulnerabilities.
Chuck Kelley, a former member of the Colleyville City Council and current candidate for TAD board Place 3, was the first to speak. He fired off a series of questions about whether private customer data had been breached, what was being done to prevent future attacks, and whether future contractors would be held to higher security standards.
The three minutes allotted to Kelley lapsed before he finished his list of questions, and board members did not attempt to provide any answers. However, Puente invited Kelley to email his queries to the board.
George Dodson, another former member of the Colleyville City Council, said he was happy the $700,000 ransom was not paid to the hackers. He urged TAD to hire the best cyber security consultants in the nation. Dodson then reminded the board it had been warned about cybersecurity vulnerabilities in the past.
“I’ve raised alerts on appraisals — raised warnings about the need to backup [sensitive information] to other sites,” Dodson told The Dallas Express. “I’ve been telling them this for six years, since 2018.”
Dodson, who told DX he had worked in IT with various Fortune 100 companies for over 45 years, said, “They’ve even had to use manual corrections to make software right. I have repeatedly asked for [cybersecurity] audits.”
Realtor Chandler Crouch made a brief address. Crouch, who rose to prominence by helping citizens protest exorbitant property tax assessments free of charge and recently waged war on what he previously told DX was rampant cronyism and corruption at TAD, did not speak on either issue when he assumed the speaker’s podium.
Crouch said the board should get a “refund from [systems security contractor] Apollo” if the hack “happened on their watch.”
Crouch had previously accused TAD of a “coverup” regarding an earlier breach. He stated on his blog that he believed the board was not forthcoming in revealing the extent of the breach. He drew a connection to audio obtained by the Fort Worth Star-Telegram wherein TAD officials allegedly conspired to lie to the public about an unidentified issue.
Other speakers addressed cyber-related issues that were either fully or partially related to the attack. Sayeda Bilqees Syed, a candidate for TAD Place 1, was in attendance but did not speak during the comment period. However, she told DX she supports a “complete” cybersecurity audit.
DX asked Kelley if he supported TAD getting a refund from Apollo. He said he did.
“The overriding challenge is that they don’t have anyone on their board with an IT background,” Kelley said in a judgment that was supported by Dodson. “I have an IT background. … If [Apollo] did not perform correct services, if this happened on their watch, their contract should be canceled, and TAD should contract a new vendor.”
Following the public comment session, board members were tight-lipped in their responses.
“Whatever information we give you, we are also giving [the hackers],” Puente said by way of explanation. “We want to answer your questions. We are doing our best.”
The board subsequently retreated into a closed-door executive session for much of the morning. After some time, most of the audience, save the candidates for office and one concerned citizen, left. When they returned, they said they would not be issuing a statement on their closed-door session.
Every TAD official, except embattled Tax-Collector Assessor Wendy Burgess, was physically present during the public comment period. Burgess, whom staff said called ahead and told them she was running late, presumably arrived during the executive session, as she was present for the recess announcement.
TAD staff appeared to remain on high alert. When asked why the password was removed from the public Wi-Fi sign in the meeting room, staff told DX it had been struck because of lingering concerns over cybersecurity.
This ransomware attack marks the second TAD database failure in two weeks. The first incident was allegedly the result of a database crash, Fox 4 KDFW reported. Hackers reportedly asked for nearly three-quarters of a million dollars to not expose customer’s
sensitive data.
However, despite a brief disruption to services, TAD did not believe hackers had obtained customer information, the Star-Telegram reported.
As previously reported by The Dallas Express, numerous DFW localities have been struck by cyber-attacks in recent years. A ransomware attack affected multiple City of Dallas computer systems in 2023. Dallas Central Appraisal District was hit by a ransomware attack in 2022 that resulted in the district shelling out hundreds of thousands in cryptocurrency to a hacker group.
Apollo Information Systems and the TAD were contacted for comment prior to the publication of this article but did not respond by the deadline.
