Another Texas state agency data breach has occurred, this time involving the Department of Transportation
The Texas Department of Transportation (TxDOT) has reportedly suffered a data security problem. Although it is not the largest breach the state has ever had, it appears that TxDOT’s gateway for the certified payroll system for contractors has been compromised.
Over the weekend, two posts by the same person appeared on a hacking-related forum.
The first post included a screencap of an employee’s setup screen, which contains sensitive information, including the employee’s SSN. The login information and the URL for the state’s contractor payment system were also disclosed in the forum post. DataBreaches did not test the login credentials for ethical and legal reasons.
The second post included a screencap of a contractor’s project listings. Another employee’s setup screen containing their personal information was shown in a second screencap in that post.
DataBreaches.net was alerted to the posts by someone who informed this site that the person or persons responsible for the hack had obtained the records of over 7,000 people. In addition to the screencaps in the posts, they sent DataBreaches two PDF files. While neither of the two “Employee List Report” PDF files contained SSNs, one of the files, an employee list report for a named contractor, was more than 18,000 pages long, with several people listed on each page.
According to the individual, the data will be available for purchase soon. They did not say how soon, but when questioned, they said that the individual or individuals responsible had not contacted TxDOT to try to extort money in exchange for not leaking or selling the data.
The perpetrator(s) are “not beasts,” according to DataBreaches, and do not do anything for money or coercion. “It’s just for publicity and to demonstrate that they have poor security,” they explained. “We are all human beings with morality.” I’d rather not be extorted for money. “Would you?” DataBreaches inquired.
No, it does not. But how can they justify selling the information? They answered the question as follows:
Extortion is simply wrong.
As in blackmail.
However, it was sold as there isn’t much you can do with ssn anyhow.
To conduct something truly dangerous, you must have a photo of your SSN as well as a photo of your ID.
When asked by DataBreaches how they acquired access, they answered that it was through a brute force approach.
DataBreaches emailed the Texas Department of Transportation’s public relations department on Sunday evening to inquire about the alleged incident and to give them the URLs to the listings and screencaps. DataBreaches also notified the TxDOT Twitter team about the incident and the email sent to their public relations department. DataBreaches phoned TxDOT early Monday morning and left a voicemail for their cybersecurity department, saying that they had been hacked. The phone number for this website was mentioned in the message.
Ragle, Inc., a highway and bridge construction corporation with locations in Indiana and Texas, was also contacted by DataBreaches. Ragle was purportedly recently hacked by the Black Basta ransomware gang, and Ragle’s business and employee data was leaked on Black Basta’s dark web leak site on or around April 28. It now appeared that some of Ragle’s data, including payroll-related data for its employees, had been compromised in the TxDOT hack. DataBreaches does not know if the Ragle data was any of the same data exposed by Black Basta.
A strong defensive IT posture is essential to guard against unanticipated cyberattacks like these. Use anti-ransomware software and host-based firewalls to protect your IT infrastructure from the inside. Train employees on cyber threats and suitable procedures. Use strong, distinct passwords for devices and update them frequently. Suspicious behavior should be investigated and reported to IT personnel. Above all, never forget to back up your data. That is the key to recovery. Vinchin Backup & Recovery is a competent virtual machine solution dedicated to data backup and recovery to protect critical data from cybercrime.
Cyberattacks aren’t just news stories; they’re all around us. If we don’t take the danger of loss seriously, we may all become victims of hackers or ransomware gangs. It is better to be safe than sorry when it comes to creating a complete backup and disaster recovery solution.