Cyber Incident Victim: City of Lancaster

On the night of March 12, 2019, between 2:30 AM and 4:00 AM local time, a hacker intentionally activated tornado warning sirens across Lancaster and DeSoto, Texas, triggering over 30 alarms (20 in Lancaster and 10 in DeSoto). The unauthorized activation caused widespread panic among residents, who were already alert due to forecasts of severe storms in the Dallas County area. Some alarms also sounded briefly in neighboring suburbs including Red Oak, Cedar Hill, and Glenn Heights, though not at city-wide scale or duration. Officials from both cities confirmed the incident resulted from a deliberate cyber intrusion into their shared outdoor warning siren network, ruling out technical malfunctions. The sirens blared intermittently for approximately 90 minutes during the overnight hours, disrupting sleep and causing emergency service inquiries. This occurred one week after routine daytime siren testing had concluded, eliminating confusion with planned drills.

City authorities took the compromised siren systems offline by the morning of March 13 as a containment measure, leaving them disabled during subsequent severe weather. Later that evening, a powerful thunderstorm struck the region, causing property damage, downed trees, and power outages but no tornadoes. The preemptive system shutdown meant Lancaster and DeSoto lacked operational sirens during this storm, though no tornado warnings ultimately required activation. Investigators characterized the hack as sabotage against public infrastructure, emphasizing criminal penalties for perpetrators. The incident echoed a 2017 Dallas County breach where hackers exploited radio vulnerabilities to trigger 156 sirens, leading Dallas to implement radio signal encryption. Security researchers had previously disclosed the "SirenJack" vulnerability in emergency alert systems in April 2018, highlighting risks of unencrypted siren controls. No attribution or technical specifics of the Lancaster/DeSoto intrusion method were disclosed publicly.