Officials at Dallas County have disclosed that data allegedly exfiltrated from its systems following a ransomware attack claimed by the Play ransomware operation has been leaked online, according to WFAA-TV.
"We are currently in the process of thoroughly reviewing the data in question to determine its authenticity and potential impact... Our investigation into the incident remains ongoing and we continue to work closely with law enforcement and our cybersecurity experts to address this situation," said Dallas County Judge Clay Jenkins, who initially confirmed that the county's systems had been compromised earlier last month.
Such a statement comes a week after Dallas County touted that it was able to avert file and system encryption efforts following containment measures, which included forced password changes, multi-factor authentication requirements, malicious IP address blocking efforts, and endpoint detection and response tool implementation.
Prior to Dallas County, the Play ransomware operation also targeted the City of Oakland in California.
BleepingComputer reports vulnerable ConnectWise ScreenConnect servers impacted by the CVE-2024-1708 and CVE-2024-1709 flaws were observed by Sophos X-Ops researchers to have been subjected to numerous LockBit ransomware attacks since Feb. 21 .