{
	"id": "48545480-4059-4ce1-b242-22401e0e884f",
	"created_at": "2026-04-06T00:16:29.926446Z",
	"updated_at": "2026-04-10T03:20:41.900392Z",
	"deleted_at": null,
	"sha1_hash": "6f694a3f9b6d9dc0661daef89f57f457160c88a4",
	"title": "Texas Courts hit by ransomware, network disabled to limit spread",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1162388,
	"plain_text": "Texas Courts hit by ransomware, network disabled to limit spread\r\nBy Sergiu Gatlan\r\nPublished: 2020-05-11 · Archived: 2026-04-05 17:03:47 UTC\r\nThe Texas court system was hit by ransomware on Friday night, May 8th, which led to the branch network including\r\nwebsites and servers being disabled to block the malware from spreading to other systems.\r\n\"On Friday, May 8th, the Office of Court Administration (OCA), the information technology (IT) provider for the appellate\r\ncourts and state judicial agencies within the Texas Judicial Branch, identified a serious security event in the branch network,\r\nwhich was later determined to be a ransomware attack,\" a statement published today on the site of the Texas Judicial\r\nBranch says.\r\n\"The attack began during the overnight hours and was first discovered in the early morning hours on Friday. The attack is\r\nunrelated to the courts’ migration to remote hearings amid the coronavirus pandemic.\"\r\nhttps://www.bleepingcomputer.com/news/security/texas-courts-hit-by-ransomware-network-disabled-to-limit-spread/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/texas-courts-hit-by-ransomware-network-disabled-to-limit-spread/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nDavid Slayton, Administrative Director of the Office of Court Administration (OCA), the IT provider for the state judicial\r\nagencies and the appellate courts within the Texas Judicial Branch, further explained that the network will remain disabled\r\nuntil the breach is dealt with.\r\nTexas' individual trial court networks were not impacted in the attack and, based on current information, no sensitive data\r\nhas been compromised.\r\nAt this time, there is no indication that any sensitive information, including personal information, was compromised.\r\nAdditionally, due to the structure of the IT function within the state judiciary, individual trial court networks throughout the\r\nstate were unaffected by the cyberattack. - David Slayton\r\nSlayton also said that the OCA \"was able to catch the ransomware and limit its impact and will not pay any ransom,\" and\r\nthat it continues to work on bringing all judicial entities and branch resources affected by the attack back online.\r\nOCA is also collaborating with the Texas Department of Information Resources (DIR) to investigate the ransomware attack,\r\nas well as other information security authorities to recover the impacted data.\r\nTexas Judiciary IT systems that have been moved to the cloud during recent years — including eFileTexas (for filing of\r\ndocuments), reSearchTX (for reviewing filed documents), collaboration tools for editing, and sharing documents, and email\r\n— haven't been impacted by the attack.\r\nThis will allow judicial branch agencies and some of the courts to continue their operations and daily activity unhindered.\r\n\"Judicial branch employees supported by OCA have received training in cybersecurity in recent weeks and will continue to\r\nreceive updated training,\" Slayton added.\r\n\"Due to the ongoing nature of the investigation, remediation, and recovery, OCA will not comment further until additional\r\ninformation is available for public release.\"\r\nLast year, Texas also faced a coordinated ransomware attack that hit 23 local governments, starting with the morning of\r\nAugust 16.\r\nThose incidents were investigated local Texas authorities such as the DIR, Texas Division of Emergency Management, and\r\nTexas Military Department, as well as federal agencies such as the DHS, the FBI – Cyber, and FEMA.\r\nThe threat actor behind the attacks supposedly compromised a managed service provider (MSP) used by the Texas\r\nadministration for technical support to deliver the ransomware payloads.\r\nThe attacker eventually asked for a collective ransom of $2.5 million to provide decryptors to all affected Texas entities.\r\nhttps://www.bleepingcomputer.com/news/security/texas-courts-hit-by-ransomware-network-disabled-to-limit-spread/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/texas-courts-hit-by-ransomware-network-disabled-to-limit-spread/\r\nhttps://www.bleepingcomputer.com/news/security/texas-courts-hit-by-ransomware-network-disabled-to-limit-spread/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/texas-courts-hit-by-ransomware-network-disabled-to-limit-spread/"
	],
	"report_names": [
		"texas-courts-hit-by-ransomware-network-disabled-to-limit-spread"
	],
	"threat_actors": [],
	"ts_created_at": 1775434589,
	"ts_updated_at": 1775791241,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/6f694a3f9b6d9dc0661daef89f57f457160c88a4.pdf",
		"text": "https://archive.orkl.eu/6f694a3f9b6d9dc0661daef89f57f457160c88a4.txt",
		"img": "https://archive.orkl.eu/6f694a3f9b6d9dc0661daef89f57f457160c88a4.jpg"
	}
}