City of Fort Worth says it was hacked, targeted by group over Texas' stance on gender-affirming care

The City of Fort Worth says it was targeted by a group of hackers because of the state's stance on gender-affirming care.

City officials say the hackers stole information from a website used to track city work orders, but no sensitive information has been released.

On Friday, June 23 the City's Information Technology Solutions Department was told about a post that said the City's website had been hacked.

Staff found that data posted online came from an internal information system used to track work orders, not the City's public website.

"The City of Fort Worth has confirmed that the posted information did originate from our computer systems, however the data came from a website that our workers use to manage their maintenance activities. Not from the city's public facing internet website," said Kevin Gunn, Fort Worth's IT Solutions Director, during a news conference Saturday.

They believe the hackers stole credentials to log in to the website used by workers. 

The City says the hackers downloaded file attachments to work orders in the system.

"Those attachments include things like photographs, spreadsheets, invoices for work performed, PDF documents, emails between staff and other information related to work orders," Gunn explained.

Fort Worth's IT Department says any info that was taken would be information that they would be willing to make public in a Freedom of Information Act request.

"No indication that any other systems were accessed, nor any other evidence of sensitive information such as social security or banking information was accessed or released," said Gunn.

The City of Fort Worth believes the group SeigeSec is behind the attack. The group posted the information to Telegram and Twitter.

Fort Worth said the post indicated that they believe the information was posted in an attempt to embarrass the city.

"We have decided to make a message toward the U.S. Government, Texas happens to be one of the largest states banning gender-affirming care and for that we have made Texas a target," the post said, according to the City.

This data leaks comes after a Malware attack against the City of Dallas in May. The attack impacted the function of the city's online systems for weeks.

READ MORE: Dallas Public Library system back up weeks after ransomware attack

Unlike that attack, there has been no request for ransom.

Fort Worth city officials have not found any encryption of files either.

Gunn says the city's IT department removed access to the website.

"We have forced all the users to reset their passwords, and additionally we are continuing to review this volume of information to make sure we fully understand the scope and depth of this incident," he said.

Gunn says right now they don't know how the hackers got the login credentials.

He also says they don't know much about the group or its motive.

The City says they have contacted local police, federal law enforcement and forensic specialists to investigate the incident.

Fort WorthTechnology