Cyber Incident Victim: City of Killeen
Date: Aug 2024
Location: United States of America
Summary
The City of Killeen experienced a ransomware attack by BlackSuit that compromised internal systems, primarily causing temporary disruptions. Utility Collections faced service delays, requiring online or in-person payments via cash, check, or money order, while Municipal Court and Transfer Station services were briefly affected but restored. IT personnel secured systems, isolated them from external networks, and initiated recovery using backups. Although no data compromise was confirmed, citizens were advised to monitor financial accounts. The city collaborated with state resources, emphasizing that its preparedness minimized prolonged impact, and continues restoring full functionality with heightened security measures.
Description
On August 7, 2024, the City of Killeen experienced a cybersecurity breach attributed to the BlackSuit Ransomware group, disrupting municipal operations primarily through unauthorized access to internal system servers. The intrusion was detected Wednesday morning, prompting immediate containment actions by the City’s Internet Technology (IT) department, including the proactive shutdown of the utility customer service payment system to safeguard citizen data. Most affected systems were internal, though public-facing services experienced limited disruptions. Utility Collections operations faced the most significant citizen impact, restricting payment methods to online transactions or in-person cash, check, or money order submissions. New resident transfers, service restorations, and after-hours inquiries required direct phone contact with the Utility Collections division. The Municipal Court and Transfer Station also experienced temporary outages, though functionality was restored by the end of Wednesday.

The City initiated server recovery using backup systems, a predefined contingency measure, while severing connections with the Bell County Network to prevent lateral spread of the intrusion. Collaboration with the Texas Department of Information Resources commenced immediately following the incident. No evidence of compromised personal or financial data was identified, though citizens were advised to monitor accounts for suspicious activity as a precaution. Internal and external communication channels, including the Utility Collections webpage, were updated by Wednesday afternoon to guide residents on service adjustments. Restoration efforts prioritized full operational recovery with heightened security protocols, leveraging the City’s existing preparedness investments to minimize downtime. Continuous public updates were pledged as recovery progressed, emphasizing transparency throughout the incident lifecycle.
