The Tarrant Appraisal District confirmed sensitive data for "under 300" taxpayers has been posted online.

The tax entity had its website hacked by ransomware with a bounty of $700,000 in March, according to previous reporting. The criminal group Medusa made a post offering to sell the information if TAD didn’t pay off the ransom.

“We worked closely with leading cybersecurity experts to carefully review the affected data, and all individuals, under 300 in total, whose legally protected information was potentially affected have already been notified via U.S. First-Class Mail as of last week,” said Joe Don Bobbitt, chief appraiser of the Tarrant Appraisal District. “We made it a priority to quickly identify those potentially affected and initiated direct outreach through mailed notifications.”

TAD will provide complimentary credit monitoring for those impacted, according to a news release.

The background

This is the latest of a litany of technology-related issues with TAD, which sets property appraisals and administers exemptions for tax purposes.

On March 21, the district announced there was a network issue that made systems and data inaccessible.

The security issue came a week after TAD announced a new website after technical issues made the previous website temporarily unavailable on March 14.

In 2022 there was a data breach and a third-party company was hired in December 2023 to investigate it, according to previous reporting. The summary provided no findings to indicate the pinpoint of the source or if data was stolen, according to a news release from TAD.

What they’re saying

“TAD’s IT team is continuing to work with cybersecurity experts to monitor the status of Medusa’s leak site and additional updates will be provided if there are any further developments,” Bobbitt said.