Ransomware, Americas, Content, Vertical markets

Tyler Technologies Ransomware Attack: $1.5M In Lost Revenue

Government software and IT service provider Tyler Technologies ($TYL) lost about $1.5 million in services revenue because of a ransomware attack in September, the company disclosed in its Q3 2020 earnings report on November 4.

MSSP Alert first reported details about the Tyler Technologies ransomware attack on September 25. After the attack, Tyler Technologies warned that some of its customers had reported suspicious logins, Reuters notes.

Tyler hired third-party cybersecurity investigators to assist with the recovery efforts, though the government software provider did not disclose digital forensics firm(s) by name or any specific MSSP (managed security services provider) engagements.

Tyler provides software services for everything from jail and court management systems to payroll, human resources, tax and bill collection and land records, the Associated Press notes. Amid the attack, Tyler was quick to point out that none of its products are a system of record for voting or election-related activities.

The company's public sector software addresses such government needs as:

  • appraisal and tax software and services;
  • software for courts and justice agencies;
  • enterprise financial software systems;
  • planning/regulatory/maintenance software;
  • public safety software;
  • records/document management software solutions; and
  • transportation software solutions for schools.

Tyler initially was quick to point out that those customer applications were not impacted by the attack. But the company on September 26 warned that some customers have reported suspicious logins in recent days.

Tyler Technologies: Ransomware Attack and Recovery Updates

Key details about the attack and ongoing recovery efforts include the following details from the company, as paraphrased by MSSP Alert:

  1. How was Tyler Technologies attacked?: An unknown third party gained unauthorized access to Tyler Technologies' internal phone and information technology systems. The attack involved ransomware, though a specific strain was not disclosed.
  2. When did Tyler Technologies discover the cyberattack?: Early on Wednesday, September 23, 2020.
  3. Who Is investigating the Tyler Technologies cyberattack?: Tyler has hired outside IT security and forensics experts to conduct a detailed review and to help the company securely restore affected equipment. The names of companies assisting the investigation were not disclosed. Tyler has also notified law enforcement about the attack.
  4. What Tyler Technologies systems were hit?: The incident initially appeared limited to Tyler's internal corporate network and phone systems. But some customers as of September 26 were reporting suspicious logins to Tyler-provided applications.

Tyler Technologies Ransomware Attack: SEC Filing

In an SEC filing on November 4, 2020, Tyler Technologies disclosed these additional details about the ransomware attack and recovery status.

  • The investigation remains ongoing and there can be no assurance as to what the impact of the Incident will be.
  • The Incident has caused and may continue to cause an interruption in parts of our business. Such interruption may result in a loss of revenue and incremental costs that may adversely impact the company’s financial results.
  • Tyler maintains cybersecurity insurance coverage in an amount that the company believes is adequate.
  • The company incurred "immaterial" costs associated with the Incident during the three months ended September 30, 2020.
  • Tyler expects to incur more costs related to its response, remediation, and investigatory efforts relating to the Incident.

Note: Story originally published September 25, 2020. Updated multiple times thereafter.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.