{ "id": "7f75822a-a3e7-4f1a-b9ba-8698f5c0b21d", "created_at": "2026-04-06T00:22:39.0464Z", "updated_at": "2026-04-10T13:12:14.715365Z", "deleted_at": null, "sha1_hash": "158f0bb7394c571a622c13195cdce5dfdcc510af", "title": "Fort Worth officials say leaked data came from Public Information Act request", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 72317, "plain_text": "Fort Worth officials say leaked data came from Public Information\r\nAct request\r\nBy Jonathan Greig\r\nPublished: 2023-07-04 · Archived: 2026-04-05 15:18:25 UTC\r\nOfficials in the City of Fort Worth, Texas denied being hacked for a second time after the same cybercrime group\r\nposted another batch of information allegedly stolen from government networks.\r\nOn Saturday, the SiegedSec hacking group said its “final” attack involved 40GB of stolen data from Fort Worth’s\r\nDepartment of Transportation \u0026 Public Works. The group shared screenshots of what appeared to be a file transfer\r\nservice used by the city, which has nearly 1 million residents.\r\nThe group leaked the data alongside information stolen from several companies. In its previous attack on the City\r\nof Fort Worth and other local governments across the U.S., the hackers claimed that their motive was to punish\r\nU.S. states that are banning gender-affirming care.\r\nSeveral experts have questioned that stated motive, and in subsequent attacks the group targeted states that had not\r\nbanned the practice.\r\n“This will be the conclusion of SiegedSec's attacks on the U.S,” the group said on Saturday. “Our intention\r\nthroughout this operation was to make a statement and encourage others to do the same. We have proudly\r\nsucceeded in our goal. Until next time.”\r\nFort Worth’s city spokeswoman initially said their IT department was investigating the issue but Fernando Costa,\r\nassistant city manager of Fort Worth, later told Recorded Future News that the city’s IT department has\r\ndetermined that the published data “consists of public information posing no risk of identity theft or financial\r\nfraud.”\r\n“IT staff validated the source of the data is previously released data in response to a Public Information Act\r\nrequest. The underlying server, database and storage, again, was not compromised,” the city’s IT department said.\r\n“All the data posted by the attacking group is public information and not sensitive information that could result in\r\nidentity theft or financial fraud.”\r\nLast week, the city confirmed that a website with government information was breached and accessed by the same\r\ngroup of hackers.\r\nBut they downplayed the severity of that incident in comments to the media, explaining that the data came from a\r\nwebsite that city workers use to manage maintenance activities.\r\n“It appears the hackers downloaded file attachments to work orders within the system and those attachments\r\ninclude things like photographs, spreadsheets, invoices for work performed, emails between staff, PDF documents\r\nand other related materials for work orders,” the city’s Chief Technology Officer Kevin Gunn said.\r\nhttps://therecord.media/fort-worth-officials-say-leaked-data-was-public\r\nPage 1 of 3\n\nNone of the information was “sensitive in nature,” Gunn said, adding that overall most of it is data that “would be\r\nreleased through a Public Information Act request.” Gunn said the investigation uncovered that the group stole\r\nlogin information but it is unclear how they managed to accomplish that.\r\nNo other systems were accessed and no sensitive data was accessed or released, Gunn reiterated.\r\nSiegedSec never asked the city for a ransom, according to Gunn. When asked by reporters what motivated the\r\ngroup, he referenced their Telegram post, noting that they appeared interested in embarrassing the city and\r\n“making a political statement.”\r\nSiegedSec claimed it hacked the governments of Arkansas and Kentucky last year after the state banned abortion\r\nfollowing the Supreme Court decision to overturn Roe v. Wade. But state officials later confirmed that the group\r\nsimply downloaded publicly available record data.\r\nThe group leaked documents or defaced the websites of government agencies in Nebraska, South Dakota, Texas,\r\nPennsylvania and South Carolina last week.\r\nNo previous article\r\nNo new articles\r\nhttps://therecord.media/fort-worth-officials-say-leaked-data-was-public\r\nPage 2 of 3\n\nJonathan Greig\r\nis a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since\r\n2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.\r\nHe previously covered cybersecurity at ZDNet and TechRepublic.\r\nSource: https://therecord.media/fort-worth-officials-say-leaked-data-was-public\r\nhttps://therecord.media/fort-worth-officials-say-leaked-data-was-public\r\nPage 3 of 3", "extraction_quality": 1, "language": "EN", "sources": [ "Malpedia", "MISPGALAXY" ], "origins": [ "web" ], "references": [ "https://therecord.media/fort-worth-officials-say-leaked-data-was-public" ], "report_names": [ "fort-worth-officials-say-leaked-data-was-public" ], "threat_actors": [ { "id": "c29ed071-678d-4023-a954-7138fb534056", "created_at": "2023-11-05T02:00:08.079228Z", "updated_at": "2026-04-10T02:00:03.39948Z", "deleted_at": null, "main_name": "SiegedSec", "aliases": [], "source_name": "MISPGALAXY:SiegedSec", "tools": [], "source_id": "MISPGALAXY", "reports": null } ], "ts_created_at": 1775434959, "ts_updated_at": 1775826734, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/158f0bb7394c571a622c13195cdce5dfdcc510af.pdf", "text": "https://archive.orkl.eu/158f0bb7394c571a622c13195cdce5dfdcc510af.txt", "img": "https://archive.orkl.eu/158f0bb7394c571a622c13195cdce5dfdcc510af.jpg" } }