[BreachExchange] Government Services Firm Tyler Technologies Hit by Ransomware

[Destry Winant]

https://securityboulevard.com/2020/09/government-services-firm-tyler-technologies-hit-by-ransomware/

Tyler Technologies, the self-proclaimed largest provider of US public
sector software and technology services, is struggling with a
cyberattack that disrupted many of its operations.

As of yesterday, the official website tylertech.com is offline, and a
maintenance notice greets users accessing the page:

“Our Tyler Technologies corporate website is temporarily unavailable.
We are aware of the issue and are working to bring the site back
online. Please check back soon.”

The Texas-based company offers end-to-end management solutions to over
15,000 government offices across all US states, Canada, the Caribbean
and Australia.

According to a statement released by Chief Information Officer Matt
Bieri, the company discovered an unauthorized party gained access to
internal phone and information technology systems on September 23.

“Early this morning, we became aware that an unauthorized intruder had
disrupted access to some of our internal systems,” Bieri said in an
email sent to Tyler Technology clients.

“Upon discovery and out of an abundance of caution, we shut down
points of access to external systems and immediately began
investigating and remediating the problem. We have since engaged
outside IT security and forensics experts to conduct a detailed review
and help us securely restore affected equipment. We are implementing
enhanced monitoring systems, and we have notified law enforcement.”

His statement suggests that the attack was limited to their internal
systems only, with no customer data impacted by the intrusion.

“At this time and based on the evidence available to us to-date, all
indications are that the impact of this incident is limited to our
internal network and phone systems,” Bieri added. “We currently have
no reason to believe that any client data, client servers, or hosted
systems were affected.”

According to BleepingComputer, RansomExx ransomware operators are
responsible for the attack on Tyler Technologies. The gang has been
linked to recent attacks on the Texas Department of Transportation
(TxDOT) and Konica Minolta.

Time will tell if the intrusion was indeed just limited to Tyler’s
internal systems. Although RansomExx operators have not set up a data
leak page showcasing their latest victims, the possibility of data
exfiltration should not be excluded.