Suspicious logins reported after ransomware attack on US govt contractor
Last week, US government contractor Tyler Technologies admitted that they had suffered from a ransomware attack that compromised their servers and locked access to some internal documents. However, new information on the case has emerged, as its customers have reported that they observed suspicious logins and previously unnoticed RATs on their networks and servers. According to the company, the threat actor gained access to its networks on Wednesday, September 23. Security experts have criticized the company for not taking the threat seriously enough.
Tyler initially reported that only its internal corporate network and phone systems were impacted, however, the company changed their statement on Saturday, now stating that customers may have been impacted as well. Tyler announced that it will now be enforcing precautionary password resets in order to mitigate the potential risk that customer networks were breached as well.