{ "id": "41894905-3d85-4750-9e3a-4b0a8c8acf85", "created_at": "2026-04-06T03:35:53.674449Z", "updated_at": "2026-04-10T03:22:01.760285Z", "deleted_at": null, "sha1_hash": "84be15a06beaefab27ba937ef33fefca3b882684", "title": "Government software provider Tyler Technologies hit by ransomware", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 2877450, "plain_text": "Government software provider Tyler Technologies hit by ransomware\r\nBy Lawrence Abrams\r\nPublished: 2020-09-24 · Archived: 2026-04-06 03:16:15 UTC\r\nLeading government technology services provider Tyler Technologies has suffered a ransomware attack that has disrupted\r\nits operations.\r\nTyler Technologies is one of the largest U.S. software development and technology services companies dedicated to the\r\npublic sector.\r\nWith a forecasted $1.2 billion in revenue for 2020 and 5,500 employees, Tyler Technologies provides technical services for\r\nlocal governments in many states in the USA.\r\nhttps://www.bleepingcomputer.com/news/security/government-software-provider-tyler-technologies-hit-by-ransomware/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/government-software-provider-tyler-technologies-hit-by-ransomware/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nStarting earlier today, Tyler Technologies' website began to display a maintenance message, and their Twitter account\r\ntweeted that they were having technical difficulties.\r\nIn an email seen by BleepingComputer, Tyler Technologies CIO Matt Bieri emailed clients stating that they are investigating\r\na cyberattack and have notified law enforcement.\r\n\"I am writing to make you aware of a security incident involving unauthorized access to our internal phone and information\r\ntechnology systems by an unknown third party. We are treating this matter with the highest priority and working with\r\nindependent IT experts to conduct a thorough investigation and response.\"\r\n\"Early this morning, we became aware that an unauthorized intruder had disrupted access to some of our internal systems.\r\nUpon discovery and out of an abundance of caution, we shut down points of access to external systems and immediately\r\nbegan investigating and remediating the problem. We have since engaged outside IT security and forensics experts to\r\nconduct a detailed review and help us securely restore affected equipment. We are implementing enhanced monitoring\r\nsystems, and we have notified law enforcement,\" Bieri stated in an email to clients.\r\nBieri also stated that current investigations indicate that the attack was limited to Tyler Technologies' local network.\r\nIn posts to the Municipal Information Systems Association of California (MISAC) forum shared with BleepingComputer,\r\nlocal government employees were told that Tyler Technologies suffered a ransomware attack affecting their phone ticketing\r\nsystem and support systems.\r\n\"We were told this morning from one of the support techs that they got hit with ransomware early this morning on their\r\ncorporate networks. Don't have any other details at this point other than support is down until they access their systems,\" one\r\nlocal municipality employee posted to the MISAC forum.\r\nAnother MISAC user stated that they heard the attack was limited to Tyler Technologies' internal network and did not affect\r\nclients.\r\nIf you have first-hand information about this or other unreported cyberattacks, you can confidentially contact us on Signal\r\nat +16469613731 or on Wire at @lawrenceabrams-bc.\r\nTyler technologies hit by RansomExx ransomware\r\nCybersecurity sources familiar with the attack told BleepingComputer that Tyler Technologies suffered an attack by the\r\nRansomExx ransomware.\r\nRansomExx is a rebranded version of the Defray777 ransomware and has seen increased activity since June when they\r\nattacked the Texas Department of Transportation (TxDOT), Konica Minolta, and most recently IPG Photonics.\r\nWhile BleepingComputer has not obtained the ransom note, we found an encrypted file uploaded to VirusTotal today related\r\nto this attack.\r\nhttps://www.bleepingcomputer.com/news/security/government-software-provider-tyler-technologies-hit-by-ransomware/\r\nPage 3 of 4\n\nThis encrypted file has an extension of '.tylertech911-f1e1a2ac,' which includes Tyler Technologies' name and is the same\r\nformat used in other RansomExx attacks.\r\nRansomExx does not have a ransomware data leak site, but that does not mean they do not steal unencrypted files before\r\ndeploying their ransomware.\r\nBleepingComputer has contacted Tyler Technologies with further questions but has not received a response.\r\nThx to Fate112 for the tip!\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/government-software-provider-tyler-technologies-hit-by-ransomware/\r\nhttps://www.bleepingcomputer.com/news/security/government-software-provider-tyler-technologies-hit-by-ransomware/\r\nPage 4 of 4", "extraction_quality": 1, "language": "EN", "sources": [ "Malpedia", "ETDA" ], "references": [ "https://www.bleepingcomputer.com/news/security/government-software-provider-tyler-technologies-hit-by-ransomware/" ], "report_names": [ "government-software-provider-tyler-technologies-hit-by-ransomware" ], "threat_actors": [], "ts_created_at": 1775446553, "ts_updated_at": 1775791321, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/84be15a06beaefab27ba937ef33fefca3b882684.pdf", "text": "https://archive.orkl.eu/84be15a06beaefab27ba937ef33fefca3b882684.txt", "img": "https://archive.orkl.eu/84be15a06beaefab27ba937ef33fefca3b882684.jpg" } }