Hackers Claim Attack on Texas City Website, Citing State’s Ban on Transgender Procedures for Children

Hackers Claim Attack on Texas City Website, Citing State’s Ban on Transgender Procedures for Children
File photo of a hacker on his computer. Nicolas Asfouri/AFP via Getty Images
Updated:
0:00

A group of hackers said it attacked a Texas city government website due to the state’s recently-enacted law on transgender procedures and said it is planning more attacks.

The group, SiegedSec, took to Telegram on June 23 around 4:00 p.m. to post what it says are about roughly 500 thousand files leaked from the Texas Fort Worth government website—fortworthtexas.gov.

“We easily hijacked their administrator account,” the group said of the data leak. “The files leaked include: Work orders, employee lists, invoices, police reports, emails between employees/contractors, internal documents, camera footage, and lots, lots, lots more.

“The total size of this data leak is around 180GB,” it said. The Telegram post contained 10 links to the data leaked, each of which contained about 20GB of government files.

The group said it carried out the hack to “make a message towards the U.S government.”

“Texas happens to be one of the largest states banning gender affirming care, and for that, we have made Texas our target. [Expletive] the government,” the group said.

A member of SiegedSec told The Daily Dot on June 27 that its hacking activities with Texas’s Fort Worth “is the start of a campaign” against all states that ban transgender procedures, adding that the group has “a few more attacks planned soon.”

“We targeted Fort Worth mostly because it was a vulnerable target in a list we had, we were checking any government domain associated with Texas,” the anonymous member added.

According to DarkOwl, a dark-web monitoring firm, SiegedSec was formed in February 2022 and calls itself a “hacktivist” group. The group appears motivated “by the sheer fun of the experience, the potential clout gained by publicly mocking organizations with insufficient information security controls,” the firm said.

City of Fort Worth Responds

The city of Fort Worth confirmed the breach in an updated notice on June 24, including that the information the hackers posted belonged to the city’s computer systems. However, the data was “not from the City website.”

The city also said there is no evidence that “sensitive data such as social security numbers, credit card or banking information was accessed, nor released.”

The data was “from an internal information system, an application named Vueworks,” the notice reads, adding that there is no evidence currently that any other systems were accessed. VueWorks is used by Fort Worth’s transportation and property management departments to track work on roads and buildings.

“It is important to note that it does not appear that the data was downloaded by accessing the City server, database or disk storage.”

The city said its IT department has blocked the asset management system from external access and has contacted VueWorks for vendor support. Meanwhile, all VueWorks users have been asked to change their passwords.

The city government didn’t mention the name of the group of hackers who claimed responsibility for the breach nor their stated motive. However, Kevin Gunn, the city’s chief technology officer, said during a news conference on June 24 that the hackers’ Telegram post “alludes to, basically, embarrassing the city and making a political statement.”

“The has been no ransom demanded of the City of Fort Worth. City IT operations are returning to normal as of noon Monday, June 26,” an updated city notice reads.

Gunn said the latest hacking was very different from when the city of Dallas was hit with a ransomware attack in May.

Texas Law Banning Trans Procedures For Minors

In early June, Texas Gov. Greg Abbott, a Republican, signed into law legislation that restricts gender transitioning procedures and treatments for those under the age of 18 in the state. The law is set to take effect on Sept. 1.

The legislation, referred to as Senate Bill 14, bars doctors from performing certain procedures and treatments related to gender transitioning, reassignment, or gender dysphoria to children under the age of 18. It also restricts the use of public funds or public assistance for such procedures.

The state’s attorney general can act against health care providers who violate the law, including seeking a court order to restrain or stop any violations. The law, however, does not make providing such procedures a felony (source-delete).

Specifically, under the law, doctors and health care providers are barred from performing surgeries that render minors unable to have children in the future. The new law also bans the removal of healthy body parts or tissues, taking drugs that make one unable to have children, or removing healthy breasts.

There are some exceptions, including that doctors can prescribe drugs to stop puberty for children who start puberty too early if permitted by the child’s parents or guardians. Doctors can also carry out medically necessary procedures or treatments on minors who have genetic issues with their sex development or chromosomes.

The law also stipulates that children who had non-surgical treatments prior to June 1, and those who took at least 12 sessions of mental health counseling or psychotherapy six months before starting their prescription drug treatments, may continue in the short term, but doctors must “wean” them off the medications.

Public money can’t be used to fund doctors or hospitals and medical schools that facilitate transgender procedures for minors, the law states, and such procedures don’t qualify for Medicaid reimbursements or any child health plan programs.

At least 18 other states now have laws against transgender procedures for minors.

Caden Pearson contributed to this report.