Washington, D.C.'s Department of Insurance, Securities and Banking has disclosed that 800GB of data claimed to have been stolen by the LockBit ransomware operation was obtained from an attack against third-party software provider Tyler Technologies following the ransomware gang's threats to expose 1GB of the exfiltrated data to coerce the agency into providing the demanded ransom, reports The Record, a news site by cybersecurity firm Recorded Future.
Tyler Technologies confirmed that an isolated portion of its private cloud hosting environment containing data from STAR system clients, including DISB, was compromised last month, allowing the exfiltration of personally identifiable information.
"…[O]ur security and technical support teams began working to restore system access in a safe and secure manner. Known, good (immutable) backups were available, and recovery of the application environment and associated data have been a focus for Tyler since we discovered this situation. Our investigation found that a threat actor encrypted the system and acquired data," said Tyler Technologies, which dismissed the link between the latest incident and a data breach in September 2020.
