Ransomware cyber

City of Dallas

Aug 8, 2025 1 min read
City of Dallas

The City of Dallas was targeted by the Royal ransomware gang, which later rebranded as BlackSuit. The attack involved the deployment of ransomware, leading to significant operational disruptions and potential data breaches. The cybercriminals used double-extortion tactics, encrypting systems and threatening to leak stolen data to coerce payment. The attack was part of a broader campaign that affected over 450 victims in the U.S., including sectors like healthcare, education, and government. The financial impact was substantial, with ransom demands exceeding millions of dollars.

Source: https://www.bleepingcomputer.com/news/security/royal-and-blacksuit-ransomware-gangs-hit-over-450-us-companies/

TPRM report: https://www.rankiteo.com/company/city-of-dallas

"id": "cit416080825",
"linkid": "city-of-dallas",
"type": "Ransomware",
"date": "8/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': ['Healthcare',
                                     'Education',
                                     'Public Safety',
                                     'Energy',
                                     'Government'],
                        'location': 'United States',
                        'name': 'Various U.S. companies',
                        'type': 'Organizations'}],
 'attack_vector': 'Double-extortion tactics, voice-based social engineering',
 'data_breach': {'data_encryption': 'Yes',
                 'data_exfiltration': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Sensitive data'},
 'date_publicly_disclosed': '2024-07-24',
 'description': 'The U.S. Department of Homeland Security (DHS) reported that '
                'the cybercrime gang behind the Royal and BlackSuit ransomware '
                'operations had breached hundreds of U.S. companies before '
                'being taken down. The groups used double-extortion tactics, '
                "encrypting victims' systems and threatening to leak stolen "
                'data to coerce payment. Law enforcement seized their dark web '
                'extortion domains as part of Operation Checkmate.',
 'impact': {'data_compromised': 'Sensitive data from various sectors',
            'financial_loss': '$370 million in ransom payments'},
 'initial_access_broker': {'data_sold_on_dark_web': 'Yes'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial gain',
 'ransomware': {'data_encryption': 'Yes',
                'data_exfiltration': 'Yes',
                'ransom_demanded': '$500 million',
                'ransom_paid': '$370 million',
                'ransomware_strain': ['Royal', 'BlackSuit', 'Chaos']},
 'references': [{'source': 'BleepingComputer'}, {'source': 'Cisco Talos'}],
 'response': {'containment_measures': 'Seizure of dark web extortion domains',
              'incident_response_plan_activated': 'Yes',
              'law_enforcement_notified': 'Yes',
              'third_party_assistance': 'International law enforcement '
                                        'partners'},
 'threat_actor': 'Royal and BlackSuit ransomware groups',
 'title': 'Royal and BlackSuit Ransomware Operations Takedown',
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.