Hays County government systems were struck by ransomware in February 2025, disrupting county operations including permit, records, and payment processing systems for approximately two weeks.
Unpatched vulnerability in public-facing county web portal exploited to gain initial foothold. Lateral movement across flat county network leads to ransomware deployment on core systems.
Sentinel ($89/ep/mo) — 24/7 SOC + SIEM. Fortress ($109/ep/mo) — Sentinel + EDR management + vulnerability management. Command ($129/ep/mo) — Fortress + vCISO + compliance mapping + IR plan. See full tier comparison →
| Regime | Standard / Citation | Gap Identified |
|---|---|---|
| TDPA | Tex. B&C Code §521.053 | 18,000 Hays County residents required breach notification within 60 days |
| CJIS | CJIS SP v6.0 §5.13 | If CJIS data present: vendor and system access security requirements apply |
CoreRecon cites verifiable public sources only. No speculation on unverified attribution is published. Threat actor attribution appears only where publicly confirmed by law enforcement or the organization.
Free $2,500 security posture assessment for Texas organizations. We map your gaps against the same attack vectors used in this incident. No contract, no commitment.