Ransomware group demands $700,000 from Tarrant Appraisal District

Evil walks this world, and it entered the Tarrant Appraisal District building last week when hackers infiltrated the district’s network, board chairman Vince Puente told those gathered at an emergency meeting March 24.

An unknown ransomware group is demanding $700,000 from the appraisal district, after a network disruption last week took the district’s systems offline. Lindsay B. Nickle, legal counsel for the district, said they believe hacking group Medusa may be responsible for the attack.

“If they steal from (the appraisal district), they’re stealing from our taxpayers,” Puente said.

Nickle said the group claims to have sensitive information, but the district doesn’t know whether taxpayer information has actually been compromised and an investigation is ongoing. She confirmed that the district has made contact with the group responsible, and said no decisions have been made on whether to pay the ransom.

“Nobody wants to pay a ransom,” she said. “And so the investigation is ongoing, and we’re looking into all of our options to recover (information).”

The appraisal district does not know where the attack originated. An outside group has been hired to investigate the incident further, Nickle said, but declined to name them. This is the second confirmed cyberattack against the agency in recent years, the first dating back to October 2022.

Medusa has been behind a rising number of data leaks in 2023, targeting industries like education, manufacturing, health care and retail.

Medusa hacked as many as 74 organizations, mostly in Europe, in 2023.