Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Tyler Technologies Paid Ransomware Gang For Decryption Key

Tyler Technologies Paid Ransomware Gang For Decryption Key

Tyler Technologies has paid a ransom for a decryption key to recover files encrypted in a recent ransomware attack.

Tyler Technologies states that they are the largest software company in North America devoted to the public sector, with over $1.2 billion in revenue for 2020 and 5,500 employees.

A RansomExx ransomware strike

On September 23rd, Tyler Technologies suffered a cyberattack by the RansomExx ransomware operators, who were also behind recent attacks on Konica Minolta and IPG Photonics.

In response to the attack, Tyler Technologies immediately disconnected portions of their network to contain the ransomware’s spread and limit their clients’ exposure.

Also Read: MAS Technology Risk Management Guidelines

“Early this morning, we became aware that an unauthorized intruder had disrupted access to some of our internal systems. Upon discovery and out of an abundance of caution, we shut down points of access to external systems and immediately began investigating and remediating the problem,” Tyler Technologies CIO Matt Bieri emailed clients.

The attack caused significant disruption to Tyler Technologies operations, it was contained locally and did not spread to their clients.

Sources in the public sector have told BleepingComputer that the ransomware attack severely impacted Tyler Technologies and that the company expected it would take thirty days to recover operations fully.

Paid ransom to obtain a decryptor

A source told BleepingComputer that Tyler Technologies paid the RansomExx ransom demand to recover encrypted data.

It is not unknown, though, how much was paid to receive a decryption key.

When the ransomware encrypted Tyler Technologies’ files, they appended an extension similar to ‘.tylertech911-f1e1a2ac.’

To prove that the decryptor was valid, BleepingComputer was able to decrypt encrypted files [12] uploaded to VirusTotal at the time of the ransomware attack.

Also Read: How Does Do Not Call (DNC Registry) Affect Marketing 2020

Encrypted Tyler Technologies file on VirusTotal
Encrypted Tyler Technologies file on VirusTotal

When decrypted, the Arin.txt file contained a list of IP ranges used by the company.

RansomExx is also known to steal data before encrypting devices on a network. The ransomware operators then threaten to release this stolen data unless a victim paid the ransom.

As many school districts, court systems, and local and statement governments in the United States are Tyler Technologies customers, the risks of the public leaking of sensitive information and source code is concerning.

This concern may have been a driving factor in the decision to pay the ransom.

When asked about the decryptor, Tyler Technologies did not dispute the ransom payment, but told BleepingComputer that they could not disclose any further information at this time.

“Given the sensitivities around the incident and our investigation of it, and our active cooperation with law enforcement, we are not at liberty to disclose additional details at this time.”



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us