NewsNation Now

Dallas faces threat of data leak after cyber-attack

Stephanie Haines

FILE - An American and Texas flag sit at half-staff outside of the Dallas Police Department headquarters, July 8, 2016, in Dallas. Dallas was hit with a computer ransomware attack that affected various websites, including the police department and municipal court, officials said Wednesday, May 3, 2023. (AP Photo/Tony Gutierrez, File)

(NewsNation) — A ransomware group is threatening to leak personal and government data from the City of Dallas, Texas, nearly three weeks after a cyberattack.  

The attack forced the city’s 911 computer dispatch system offline, shut down municipal courts and limited access to records. Officials are working to remove the virus and say it could be weeks until everything is back online.  


The ransomware group, Royal, posted a blog entry over the weekend and threatened to carry out a leak. City officials are aware of the post but have maintained for weeks there is no evidence any personal data was compromised. 

The city was hit with a virus on May 3 and immediately shut down its systems to stop it from spreading. The 911 dispatch computer is back up and running, but other systems are in the process of being cleaned and restored. 

Police and fire union presidents said things still aren’t back to normal. One union president said he’s still waiting to access files on his computer.  

If Royal’s threat were to come to fruition, it would make officers’ jobs even harder, said Terrance Hopkins, president of the Black Police Association of Greater Dallas. 

“There’s a lot of personal information in there, whether that’s personal information from a complainant or suspect, and then you have the officer’s personal information that can be impacted,” Hopkins said.
“It makes it tough for us because unfortunately we have the authority to put people in jail and that’s not always received well. So, anybody that wanted to come back and possibly retaliate — they have that ability.”

The FBI, along with the U.S. Cybersecurity and Infrastructure Agency, published a warning earlier this year revealing Royal has compromised American and international organizations since September. 

The group has demanded up to $11 million in ransom.  

Those who work in cybersecurity say it happens in cities across the country every day.  

“Typically, when ransomware hits, the hackers have been on the network for months already,” Reachout Technology CEO Rick Jordan said. “So, they may have gone back and said, ‘Woah wait the backups from three and four months ago are also infected, so we need to go further back,’ and that’s why it’s probably taking so long to reimage things.”  

FBI officials say they can’t speak to major details about the criminal investigation, including whether the post from Royal is real, how much it could cost the city, and if there are plans to pay a ransom.