A hacktivist group broke into an online system belonging to the Texas city of Fort Worth, stole several gigabytes of data, and then posted it online.
On Saturday, Fort Worth officials admitted that it suffered a data breach, but said that after reviewing the leaked data, “at this time, there is no indication that sensitive information related to residents or staff are a part of this incident,” and that the data “was not sensitive and would be information releasable to the public through a Public Information Request.”
In an online post on its official website, the city said that the leaked data included “attachments to work orders, including photos, spreadsheets, invoices, emails, PDF documents and other material related to work orders.”
“There is no evidence at this time that any other systems were accessed, nor any evidence that sensitive data such as social security numbers, credit card or banking information was accessed, nor released,” the post read.
The city said that an example of the stolen data is “the address of a home with a pothole in the City street in front of the home, that needs to filled, [sic] as well as a picture of the pothole.”
A cursory review of the leaked files shows several pictures of potholes, tilted traffic signs, or fallen down traffic lights, and email messages between city employees. There is also a document that includes the names, work phone numbers, and email addresses of Fort Worth’s employees.
The hacktivist group goes by SiegedSec, and it claimed the hack on its Telegram channel, saying “we have decided to make a message towards the U.S government. Texas happens to be one of the largest states banning gender affirming care, and for that, we have made Texas our target. Fuck the government.”
The hackers did not immediately respond to a request for comment sent to the email address published on their Telegram channel. Representatives from Fort Worth also did not respond to a request for comment.
The city wrote that the hackers accessed “an internal information system, an application named Vueworks,” by acquiring login credentials to it, although the city said it still doesn’t know how the hackers got those credentials.
The city is asking users of the affected system to reset passwords, is reviewing “sources of information to determine the scope and depth of this incident specific to VueWorks,” and it’s working with law enforcement and computer forensic experts.
SiegedSec has a history of data breaches. Earlier this year, the group leaked data stolen from software giants Atlassian, and workplace management services startup Envoy. Last year, with the goal of protesting abortion restrictions in the U.S, the group targeted the IP addresses of U.S. companies that had exposed industrial control systems (ICS) ports, according to cybersecurity firm Mandiant.
Do you have information about SiegedSec or other hacktivist groups? We’d love to hear from you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Wickr, Telegram and Wire @lorenzofb, or email firstname.lastname@example.org. You can also contact TechCrunch via SecureDrop.