Abilene, Texas, shut down systems after a cyberattack caused server issues. The incident occurred on April 18, 2025. Texas emergency services remained operational, and no financial irregularities were found. “On April 18, 2025, City officials received reports of unresponsive servers within our internal network and immediately began executing our incident response plan and disconnecting affected and critical assets to secure our systems,” reads the notice of security incident published by the company. “We also launched an investigation and engaged industry-leading cybersecurity experts to determine the nature and scope of the incident and notified relevant authorities.”[1]
The IT department worked tirelessly to restore services. However, some of the impacted systems remain offline as a precaution, but emergency services continue to operate. The experts investigating the incident are not aware of any financial irregularities that occurred after the event. Card systems at government offices are down, so only cash, checks, or online card payments are accepted. The city announced that it won’t shut off utilities for late payments. “Water utilities customers are still able to pay their Municipal Services Statements. While systems and telephones are being brought back online, you may experience a slower-than-normal response to service requests. We are reviewing email requests and will respond as quickly as possible,” continues the notice. “Due to system issues, we will not shut off past-due accounts.
The IT team continues to monitor for unusual activity. City officials shared emergency contact information and announced that the full recovery would take time.
In May 2023, the IT systems at the City of Dallas, Texas, were targeted by a ransomware attack. To prevent the threat from spreading within the network, the city has shut down the impacted IT systems.
The city confirmed the security incident and worked to recover from the ransomware attack that impacted its services, including the police department.
See: https://redskyalliance.org/xindustry/royal-ransomware
The Royal Ransomware Group claimed responsibility for the attack, but authorities have not confirmed. While the characteristics of the attack suggest it is ransomware, the specific group involved has not been publicly identified.
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://securityaffairs.com/176793/hacking/abilene-city-texas-takes-systems-offline-following-a-cyberattack.html
Comments