As investigations into a massive, coordinated ransomware attack against local governments in Texas continues, 13 new victims of ransomware attacks have been publicly identified. Most of them are school districts, thought the victims also include an Indiana county, a hospice in California, and a newspaper in Watertown, New York.
The ransomware involved in the Texas attacks, which hit 22 local-level government entities, has not yet been identified. Multiple sources have suggested that the Texas attacker gained access through a managed service provider that the local governments all had in common, but that has not been confirmed by state officials.
In the case of this latest batch of attacks, Ryuk ransomware has been identified as the malware used on at least three occasions. The victims, based on data collected by the threat research group at cloud security firm Armor, include: