Following Ransomware Attack, Tyler Technologies Advises Clients to Change Passwords



Connecting state and local government leaders

The company is a leading provider of software to state and local governments. So far, it says it looks like the security breach has affected only its internal computer systems.

Tyler Technologies, a vendor that provides software to states and localities, has advised clients to change passwords after reports of suspicious login attempts, a warning that comes as the company is dealing with a ransomware attack on its own internal network.

The company said over the weekend that it was aware of “several suspicious logins to client systems” and strongly recommended that clients reset remote network access passwords for Tyler staff, as well as credentials the company’s staff would use to access applications.

A statement posted on Tyler’s website says that the company learned of a cybersecurity breach to its internal systems—including phone and IT systems—last Wednesday and has since confirmed that the situation involves a ransomware attack.

The company declined to comment on Monday about how many clients reported suspicious login attempts, where those clients are located, or if any of the login attempts had succeeded and resulted in nefarious activity of any kind.

In its online statement, Tyler says that because the company’s investigation into the incident is still active it would not provide additional specifics.

But the company emphasized over the weekend that evidence so far seemed to indicate that the digital attack was directed at its own internal corporate network and phone systems, which are separate from where the company hosts software for clients.

The company says it has been in contact with the FBI about the breach.

While the situation is unfolding during the runup to the November election, Tyler has noted that it does not make election software. 

There is heightened concern about cybersecurity around the election after efforts by Russia to interfere in the 2016 presidential contest. 

But, in a statement issued Monday, the FBI and the Cybersecurity and Infrastructure Security Agency suggested that bad actors may be fanning the flames around these worries to raise doubts about the integrity of the upcoming election.

“Foreign actors and cyber criminals,” the agencies said, are spreading false and inconsistent information through online platforms in an attempt to manipulate public opinion, discredit the electoral process and undermine confidence in U.S. democratic institutions.

“These malicious actors could use these forums to also spread disinformation suggesting successful cyber operations have compromised election infrastructure and facilitated the ‘hacking’ and ‘leaking’ of U.S. voter registration data,” the agencies added.

They pointed out that a lot of U.S. voter information can be purchased or acquired through publicly available sources, and said that while “cyber actors” have in recent years obtained voter registration information this did not affect the integrity of election results. 

“The FBI and CISA have no information suggesting any cyberattack on U.S. election infrastructure has prevented an election from occurring, compromised the accuracy of voter registration information, prevented a registered voter from casting a ballot, or compromised the integrity of any ballots cast,” the agencies also said.

The situation with Tyler is unfolding as Washington state has faced a cyberattack in recent days. State officials there said last week that hackers were targeting the state. Bloomberg reported on Sunday that the attack had infected computer systems used by many state agencies.

Washington’s secretary of state’s office said in a tweet last week that it was aware of “an active cyber threat” facing government entities throughout the country, but that the office had “no reason at this time to believe this is targeted at elections.”

Bill Lucia is a senior reporter for Route Fifty and is based in Olympia, Washington.

NEXT STORY: Pandemic Drives Delaware to Pinpoint Internet Connectivity Speeds