Dallas CAD Hacked, Doh!
UPDATE: DCAD hack confirmed. $1M Ransom Demanded.
Open Records Project volunteers identified the original Dallas CAD computer compromise almost a year ago and contacted them along with the FBI. Dallas CAD sent hundreds of thousands of postcards to unsuspecting Dallas property owners instructing them to visit www.DallasCountyTexasTaxes.gov, an apparent trusted government website.
(DO NOT visit that site unless you have all your security turned up to max.) Visitors seeking to reduce their property taxes were immediately bounced to an untrusted criminal-run website in Bulgaria.
Dallas CAD Spokesperson Cheryl Jordan assured us everything was OK because they contracted out to a company called True Prodigy. At the time True Prodigy appeared to be a 2 man shop that was really a one man shop, and the one man never responded to our numerous attempts at contact.
Dallas CAD IT Director John Milam responded with a rambling letter about DNS and IP addresses and referred us to Public Relations. A search of Linkedin and the usual professional organizations failed to reveal a computer professional with that name.
THE REAL RANSOMWARE PROBLEM
A more frightening possibility is that several hundred thousand Dallas property owners were compromised by visiting a website run by criminals and they are being held for ransom or exploited in other ways.
Special thanks to our ninjas B.B., Jason, D.B., and Chris.
Why does nobody ever get fired in this town?