CD
Company Details
Linkedin ID:
city-of-dallas
Website:
Employees number:
6,659
Number of followers:
69,307
NAICS:
92
Industry Type:
Homepage:
dallascityhall.com
IP Addresses:
0
Company ID:
CIT_1017403
Scan Status:
In-progress
City of Dallas Company CyberSecurity Posture
dallascityhall.com
Municipal government of Dallas, Texas, USA. Dallas is the ninth largest city in the United States, with over 1.3 million residents. The City of Dallas operates with over 13,000 employees and an annual budget of $3.6 Billion. Welcome to Dallas Committed to "Service First" Excellence Our core values are Empathy, Ethics, Excellence, Equity
City of Dallas A.I CyberSecurity Scoring
CD Risk Score (AI oriented)Between 0 and 549
CD
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
CD Global Score (TPRM)XXXX
CD
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
CD Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
City of Dallas
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: The City of Dallas targeted by the ransomware attack that compromised a number of servers in its system, including the Dallas Police Department's website. The hackers, a collective known as Royal, assert that they encrypted the city's vital data and threatened to leak private information online. The ransomware gang threatened to divulge information on police informants to the criminal groups they were providing information to. Cyber specialists think that a phishing email that an employee unknowingly clicked is what started the attack.
City of Dallas
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: The City of Dallas was targeted by the Royal ransomware gang, which later rebranded as BlackSuit. The attack involved the deployment of ransomware, leading to significant operational disruptions and potential data breaches. The cybercriminals used double-extortion tactics, encrypting systems and threatening to leak stolen data to coerce payment. The attack was part of a broader campaign that affected over 450 victims in the U.S., including sectors like healthcare, education, and government. The financial impact was substantial, with ransom demands exceeding millions of dollars.
CD Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for CD
Incidents vs Government Administration Industry Average (This Year)
City of Dallas has 53.85% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
City of Dallas has 53.85% more incidents than the average of all companies with at least one recorded incident.
Incident Types CD vs Government Administration Industry Avg (This Year)
City of Dallas reported 1 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — CD (X = Date, Y = Severity)
CD cyber incidents detection timeline including parent company and subsidiaries
CD Company Subsidiaries
Municipal government of Dallas, Texas, USA. Dallas is the ninth largest city in the United States, with over 1.3 million residents. The City of Dallas operates with over 13,000 employees and an annual budget of $3.6 Billion. Welcome to Dallas Committed to "Service First" Excellence Our core values are Empathy, Ethics, Excellence, Equity
Loading...
CD Similar Companies
Rijkswaterstaat
Rijkswaterstaat is de uitvoeringsorganisatie van het Ministerie van Infrastructuur en Waterstaat. We beheren en ontwikkelen de rijkswegen, -vaarwegen en –wateren en zetten in op een duurzame leefomgeving. Samen met andere organisaties werken we aan een land dat beschermd is tegen overstromingen. Wa
State of Missouri
Build the Missouri of tomorrow. Ensure a strong foundation today. Join a group of innovative team members focused on driving the State of Missouri forward. As public servants, our team members have the opportunity to produce work that is both lasting and important. This work serves to protect famil
Västra Götalandsregionen
Region Västra Götaland is governed by democratically elected politicians and with just over 50,000 employees is one of Sweden’s biggest employers. It is tasked with offering good healthcare and dental care and providing the prerequisites for good public health, a rich cultural life, a good enviro
Canada Revenue Agency - Agence du revenu du Canada
Welcome to the Canada Revenue Agency’s (CRA) official LinkedIn page! 🇨🇦 We take pride in our diverse workforce, which brings a wide range of skills and perspectives to the Canada Revenue Agency, and remain committed to fostering an inclusive workplace where everyone can thrive. We’re on a mission t
State of Maryland
Maryland is on the path to becoming the best state in the nation. Referred to as “America in Miniature”, Maryland embodies the very spirit of the United States. Maryland is home to ethnic groups of every origin, just about every natural feature, and much like our country, opportunity! If you are
US Environmental Protection Agency (EPA)
U.S. Environmental Protection Agency’s (EPA) mission is to protect human health and the environment. EPA works to ensure that: - Americans have clean air, land and water; - National efforts to reduce environmental risks are based on the best available scientific information; - Federal laws protecti
United States Postal Service
As the United States Postal Service continues its evolution as a forward-thinking, fast-acting company capable of providing quality products and services for its customers, it continues to remember and celebrate its roots as the first national network of communications that literally bound a nation
Region Stockholm
Är du beredd att tänka nytt och hitta framtidens lösningar? För vårt framtida uppdrag behöver vi medarbetare med hög kompetens, stort engagemang och som strävar efter ständig förbättring. Vid din sida kan du få engagerade kollegor inom hundratals kvalificerade yrken – ekonomer, sjuksköterskor, ju
ISSSTE
INSTITUTO DE SEGURIDAD Y SERVICIOS SOCIALES DE LOS TRABAJADORES DEL ESTADO. ES UN ORGANISMOS PÚBLICO QUE OTORGA SERVICIOS DE SALUD, PENSIONES, VIVIENDA, PRÉSTAMOS, ESTANCIAS INFANTILES, TURISMO, CULTURA, RECREACION, DEPORTE; CUYOS AFILIADOS SON TRABAJADORES DE DEPENDENCIAS GUBERNAMENTALES, CON DERE
.png)
CD CyberSecurity News
November 03, 2025 04:34 PM
New City, Challenges and Threat Vectors for Austin's CISO
Previously both CIO and CISO for Dallas, Brian Gardner has been heading cybersecurity in Austin since May. Here he explains the challenges of navigating a...
October 22, 2025 07:00 AM
Cyber incidents in Texas, Tennessee and Indiana impacting critical government services
A large suburb outside of Dallas was one of multiple municipalities across the U.S. this week to report cyber incidents affecting public...
October 21, 2025 07:00 AM
Hackers are targeting North Texas government
Texas Cyber Command must step up as Trump cuts national protection.
October 14, 2025 07:00 AM
Dallas-Based LevelBlue To Acquire San Diego-Based Cybersecurity Firm Cybereason and Gain Investors via Deal
Dallas-based LevelBlue is acquiring San Diego-based Cybereason, a leading cybersecurity company known for its advanced Extended Detection...
October 10, 2025 07:00 AM
Houston suburb says some online services taken down by cyberattack
Officials in Sugar Land, Texas, said a cyberattack has impacted several online services after they reported technology outages on Thursday...
August 26, 2025 07:00 AM
Ransomware attack on Greenville affects city services, 911 remains intact
A cybersecurity breach in Greenville has affected the city's ability to access police and other records. The city's servers were attacked by...
July 29, 2025 07:00 AM
Cybersecurity professional provides insight into St. Paul cyberattack
Major U.S. cities, including Atlanta, Dallas and Columbus, have previously been subjected to cyberattacks.
May 30, 2025 07:00 AM
Midland steps up cybersecurity after wave of Texas city cyberattacks
Midland is updating cybersecurity measures after 93000 attack attempts and recent Texas city cyberattacks, focusing on MFA and employee...
May 29, 2025 07:00 AM
10 Defense Companies in Dallas to Know
The city is home to a network of established contractors, emerging defense tech startups and key aerospace players, many of which have deep ties to federal...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
CD CyberSecurity History Information
Official Website of City of Dallas
The official website of City of Dallas is http://www.dallascityhall.com.
City of Dallas’s AI-Generated Cybersecurity Score
According to Rankiteo, City of Dallas’s AI-generated cybersecurity score is 408, reflecting their Critical security posture.
How many security badges does City of Dallas’ have ?
According to Rankiteo, City of Dallas currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does City of Dallas have SOC 2 Type 1 certification ?
According to Rankiteo, City of Dallas is not certified under SOC 2 Type 1.
Does City of Dallas have SOC 2 Type 2 certification ?
According to Rankiteo, City of Dallas does not hold a SOC 2 Type 2 certification.
Does City of Dallas comply with GDPR ?
According to Rankiteo, City of Dallas is not listed as GDPR compliant.
Does City of Dallas have PCI DSS certification ?
According to Rankiteo, City of Dallas does not currently maintain PCI DSS compliance.
Does City of Dallas comply with HIPAA ?
According to Rankiteo, City of Dallas is not compliant with HIPAA regulations.
Does City of Dallas have ISO 27001 certification ?
According to Rankiteo,City of Dallas is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of City of Dallas
City of Dallas operates primarily in the Government Administration industry.
Number of Employees at City of Dallas
City of Dallas employs approximately 6,659 people worldwide.
Subsidiaries Owned by City of Dallas
City of Dallas presently has no subsidiaries across any sectors.
City of Dallas’s LinkedIn Followers
City of Dallas’s official LinkedIn profile has approximately 69,307 followers.
NAICS Classification of City of Dallas
City of Dallas is classified under the NAICS code 92, which corresponds to Public Administration.
City of Dallas’s Presence on Crunchbase
No, City of Dallas does not have a profile on Crunchbase.
City of Dallas’s Presence on LinkedIn
Yes, City of Dallas maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/city-of-dallas.
Cybersecurity Incidents Involving City of Dallas
As of December 10, 2025, Rankiteo reports that City of Dallas has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
City of Dallas has an estimated 11,465 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at City of Dallas ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
What was the total financial impact of these incidents on City of Dallas ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $370 million.
How does City of Dallas detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with yes, and third party assistance with international law enforcement partners, and law enforcement notified with yes, and containment measures with seizure of dark web extortion domains..
Incident Details
Can you provide details on each incident ?
Title: Ransomware Attack on the City of Dallas
Description: The City of Dallas was targeted by a ransomware attack that compromised several servers, including the Dallas Police Department's website. The attackers, known as Royal, claimed to have encrypted vital data and threatened to leak private information online. The ransomware gang also threatened to divulge information on police informants. Cyber specialists believe the attack was initiated by a phishing email that an employee unknowingly clicked.
Type: Ransomware Attack
Attack Vector: Phishing Email
Threat Actor: Royal
Motivation: Financial Gain, Data Leakage
Title: Royal and BlackSuit Ransomware Operations Takedown
Description: The U.S. Department of Homeland Security (DHS) reported that the cybercrime gang behind the Royal and BlackSuit ransomware operations had breached hundreds of U.S. companies before being taken down. The groups used double-extortion tactics, encrypting victims' systems and threatening to leak stolen data to coerce payment. Law enforcement seized their dark web extortion domains as part of Operation Checkmate.
Date Publicly Disclosed: 2024-07-24
Type: Ransomware
Attack Vector: Double-extortion tactics, voice-based social engineering
Threat Actor: Royal and BlackSuit ransomware groups
Motivation: Financial gain
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Phishing Email.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware Attack CIT17229523
Data Compromised: Police informants information, Vital city data
Systems Affected: Dallas Police Department's WebsiteCity Servers
Incident : Ransomware CIT416080825
Financial Loss: $370 million in ransom payments
Data Compromised: Sensitive data from various sectors
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $185.00 million.
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Police Informants Information, Vital City Data, and Sensitive data.
Which entities were affected by each incident ?
Incident : Ransomware Attack CIT17229523
Entity Name: City of Dallas
Entity Type: Government
Industry: Public Administration
Location: Dallas, Texas
Incident : Ransomware CIT416080825
Entity Name: Various U.S. companies
Entity Type: Organizations
Industry: Healthcare, Education, Public Safety, Energy, Government
Location: United States
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware CIT416080825
Incident Response Plan Activated: Yes
Third Party Assistance: International law enforcement partners
Law Enforcement Notified: Yes
Containment Measures: Seizure of dark web extortion domains
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes.
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through International law enforcement partners.
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware Attack CIT17229523
Type of Data Compromised: Police informants information, Vital city data
Sensitivity of Data: High
Incident : Ransomware CIT416080825
Type of Data Compromised: Sensitive data
Sensitivity of Data: High
Data Exfiltration: Yes
Data Encryption: Yes
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by seizure of dark web extortion domains.
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware Attack CIT17229523
Ransomware Strain: Royal
Incident : Ransomware CIT416080825
Ransom Demanded: $500 million
Ransom Paid: $370 million
Ransomware Strain: RoyalBlackSuitChaos
Data Encryption: Yes
Data Exfiltration: Yes
References
Where can I find more information about each incident ?
Incident : Ransomware CIT416080825
Source: BleepingComputer
Incident : Ransomware CIT416080825
Source: Cisco Talos
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: BleepingComputer, and Source: Cisco Talos.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Ransomware CIT416080825
Investigation Status: Ongoing
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Ransomware Attack CIT17229523
Entry Point: Phishing Email
High Value Targets: Police Informants Information,
Data Sold on Dark Web: Police Informants Information,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Ransomware Attack CIT17229523
Root Causes: Phishing Email
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as International law enforcement partners.
Additional Questions
General Information
Has the company ever paid ransoms ?
Ransom Payment History: The company has Paid ransoms in the past.
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was $500 million.
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Royal and Royal and BlackSuit ransomware groups.
Incident Details
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-07-24.
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was $370 million in ransom payments.
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Police Informants Information, Vital City Data, and Sensitive data from various sectors.
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Dallas Police Department's WebsiteCity Servers.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was International law enforcement partners.
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Seizure of dark web extortion domains.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Police Informants Information, Sensitive data from various sectors and Vital City Data.
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was $500 million.
What was the highest ransom paid in a ransomware incident ?
Highest Ransom Paid: The highest ransom paid in a ransomware incident was $370 million.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Cisco Talos and BleepingComputer.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Phishing Email.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior to 17.0.99.1763126988 and Tuleap Enterprise Edition prior to 17.0-3 and 16.13-8 have missing CSRF protections which allow attackers to create or remove tracker triggers. This issue is fixed in Tuleap Community Edition version 17.0.99.1763126988 and Tuleap Enterprise Edition versions 17.0-3 and 16.13-8.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/71d427b0f7ed8fa269a5ee6f7a557cf3dfc99cd4
- https://github.com/Enalean/tuleap/security/advisories/GHSA-f2xv-x3g6-4j9p
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=71d427b0f7ed8fa269a5ee6f7a557cf3dfc99cd4
- https://tuleap.net/plugins/tracker/?aid=45618
Description
Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon versions prior to 17.0.99.1762456922 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 are vulnerable to CSRF attacks through planning management API. Attackers have access to create, edit or remove plans. This issue is fixed in Tuleap Community Edition version 17.0.99.1762456922 and Tuleap Enterprise Edtion versions 17.0-2, 16.13-7 and 16.12-10.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/1734a7bb2964042310ddc3f6dd7b4c82eee27526
- https://github.com/Enalean/tuleap/security/advisories/GHSA-9h47-jg7r-ww7x
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=1734a7bb2964042310ddc3f6dd7b4c82eee27526
- https://tuleap.net/plugins/tracker/?aid=45592
Description
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attackers trick victims into changing tracker general settings. This issue is fixed in version Tuleap Community Edition version 17.0.99.1762444754 and Tuleap Enterprise Edition versions 17.0-2, 16.13-7 and 16.12-10.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/993316dd6a291bb3937cb7a4571eaab0e7d55370
- https://github.com/Enalean/tuleap/security/advisories/GHSA-vxfh-h8p6-p5rg
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=993316dd6a291bb3937cb7a4571eaab0e7d55370
- https://tuleap.net/plugins/tracker/?aid=45593
Description
Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not have access to. This issue is fixed in version 17.0.99.1762431347 of the Tuleap Community Edition and versions 17.0-2, 16.13-7 and 16.12-10 of Tuleap Enterprise Edition.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
- https://github.com/Enalean/tuleap/commit/403eb69f4cfafe52254c8f9bdbe66e1fedadc254
- https://github.com/Enalean/tuleap/security/advisories/GHSA-v6vm-6rxf-7p2v
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=403eb69f4cfafe52254c8f9bdbe66e1fedadc254
- https://tuleap.net/plugins/tracker/?aid=45583
Description
IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper allocation of resources without limits.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=city-of-dallas' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
