Tyler Technologies (NYSE:TYL) said on Wednesday, that an unknown party had hacked its internal systems. The company’s products are in use by U.S. states and counties to share election data.
In an email, the firm confirmed the breach after warning clients in an email earlier in the day. Among other purposes, its platforms are in use by elections officials to display voting results.
Both emails state that it did not believe there was a breach in clients’ software.
Furthermore, in its email, the company states it was working to restore its systems and had notified law enforcement. It did not say whether there had been a ransomware demand or how it had learned of the breach. It did not respond to questions, either.
The software vendor is a major provider of emergency management and other programs to U.S. counties and municipalities.
It is possible that foreign hackers might attempt to access and alter websites that report election results. In fact, this was a warning from the FBI and the U.S. Department of Homeland Security this week.
Neither has responded yet to requests for comment after East Coast working hours.
Furthermore in its email to customers, Tyler says that there is a security incident. In addition, it involves unauthorized access to their internal phone and information technology systems by an unknown third party.
There was no mention in the email of what internal systems are under suspicion of breach.
It said they currently have no reason to believe that any client data, client servers, or hosted systems were affected.
Major concerns for security officials are election results and their reporting. But even so, a financially motivated attack could wreak havoc as well if it spread to Tyler Technologies customers.
Reset Passwords Immediately
Countries should immediately reset the passwords they use to log into Tyler Technologies systems. Tyler can log in remotely to some software it sells. So it is safest to assume that the hackers could do so as well.
These were statements from Mike Hamilton, chief information security officer at CI Security. Hamilton is also a former chief information security officer for the city of Seattle.
The breach at the company may have happened some time ago. There is a possibility that any stored passwords might have already been taken and used.
Tyler is one of the largest solution providers to state and local government in the U.S. Reports on cybersecurity state that it was hit in an apparent ransomware attack.
The firm is based in Plano, Texas. It provides end-to-end information management solutions to over 15,000 local government offices in 50 states. Moreover, this includes Canada, the Caribbean, and Australia.
Tyler Technologies also sells solutions into the federal government. Last year, it purchased 22-year-old MicroPact.
MicroPact boasts deals with 98% of federal agencies with 500 or more employees, and 49 states. According to a regulatory filing, it had 5,368 employees as of the end of 2019.
Using ransomware as a talking point, Tyler has been aggressive about selling security solutions to its clients in government.
It acquired Sage Data Systems, a cybersecurity company in 2018. In an August 2019 earnings call, Tyler’s CEO Lynn Moore said this acquisition positions the company well to sell.
That meant selling into municipal customers that have prioritized security after high profile ransomware has attacked cities and towns.