Major software provider to local governments suffers data breach

A major provider of software services to local governments and schools across the United States, Tyler Technologies Inc., told customers Wednesday that an unknown intruder broke into its phone and information technology systems.

It could not immediately be determined whether ransomware might have been involved.

The Plano, Texas-based company, whose website was offline, said in an email sent to customers that it discovered the breach Wednesday morning, contacted law enforcement and enlisted outside cybersecurity help.

Tyler software provides service for jail and court management systems to taxing, bill collection and land records. The archived website said its company software is “the perfect fit” for everything from small towns to counties serving more than 2 million people.

In Indiana, Tyler has extensive contracts throughout the state, including as manager of statewide e-filing system for courts.

Tyler did not immediately respond to phone calls and emails Wednesday. On Twitter, it said “a network issue” was affecting its phone and web site and that “we’re working to resolve as quickly as possible.” The company’s home page said it was temporarily unavailable but provided no additional information.

“At this time and based on the evidence available to us to-date, all indications are that the impact of this incident is limited to our internal network and phone systems,” said the email sent to customers and obtained by The Associated Press. “We currently have no reason to believe that any client data, client servers or hosted systems are affected.”

An FBI spokeswoman in Dallas could not immediately say whether the agency is involved in any way. The Texas Department of Information Resources did not immediately respond to a request for comment.

A cybersecurity expert assisting municipalities that are customers of Tyler’s Munis software suite, Mike Hamilton of CI Security, said he was particularly concerned that hackers may have obtained access to the passwords of customers stored on its network and could penetrate their systems.

Hamilton, a former Seattle chief information security officer, said Tyler should be notifying customers to immediately reset all their passwords as a precaution.

“It’s completely possible that bad guys have been in there for a good amount of time,” he said.

Munis manages core business functions for government agencies and schools, from payroll to human resources and revenue management.

In ransomware attacks, criminals are increasingly breaking into company and government networks and siphoning out data before scrambling them with encrypted programs and demanding payouts. They threaten to make the stolen data public if the victim doesn’t pay up.

Texas has seen a series of these attacks over the last two years. The victims have included parts of the state court system and the state transportation department this year, and more than 20 local governments last summer. Brett Callow, an analyst with the cybersecurity firm Emsisoft, said Tyler may have been breached with the same ransomware that attacked the Texas Department of Transportation, based on an encrypted file uploaded to the Google-owned malware identification service VirusTotal in June that included ‘tylertech’ in the file name.

Data breaches often are not discovered until months after the fact.

Please enable JavaScript to view this content.

Story Continues Below

Editor's note: You can comment on IBJ stories by signing in to your IBJ account. If you have not registered, please sign up for a free account now. Please note our updated comment policy that will govern how comments are moderated.

{{ articles_remaining }}
Free {{ article_text }} Remaining
{{ articles_remaining }}
Free {{ article_text }} Remaining Article limit resets on
{{ count_down }}