The Travis Central Appraisal District confirmed Tuesday that its website was targeted by a hacker or hackers, preventing users from being able to access the public site.
No confidential data was compromised, Chief Appraiser Marya Crigler said.
“We are being repeatedly hacked by someone trying to steal our data. That is causing a denial of service to everyone else. Our staff is working with the internet provider to see if there is a way block that person,” Crigler told the American-Statesman. “All of our data is secure; anything that is confidential is not exposed. Our confidential data is never at risk.”
The website contains public information for 424,000 residential and commercial parcels in Travis County, including data about ownership, appraised and taxable values, deed history, property size and acreage and other information.
Crigler said it appears the hacker or hackers were attempting to access a large amount of data at one time, in violation of appraisal district policy.
“Occasionally we will get some bad actors who just don’t want to play nicely by the rules,” Crigler said. “Rather than contacting us to get a copy of our appraisal roll on a CD sent to them they will try to steal it from the website and do a bulk transfer. And what they do is create so much traffic and activity that they deny service to everybody else who wants to have access to our data.”
The appraisal district sells some of its data. For example, people can purchase the entire appraisal roll on a CD for $55, and a map of the county’s parcels for $25.
Crigler said the appraisal district experiences people trying to download large amounts of data a couple of times a year, and has procedures in place to identify and block their IP address. She said the person’s identity can’t be determined, but sometimes they can pinpoint their “country of origin.”
On Tuesday, Crigler said there were “two malicious users” — one in Texas and one in Alabama — who were creating disruptions on the website, and the district’s information technology personnel shut those down.
“We are hopeful that this has resolved it,” Crigler said. “We’ll be keeping our eye out for next couple of days to see if it recurs so we can take quick action.”
Crigler said that while there is no law against such hacking, it is “a nuisance and a disservice to the rest of our taxpayers to have a bad actor like this trying to do a bulk data transfer on a website that’s not designed for that kind of data, rather than going through the proper channels.”
“I don’t know who it is or what they are using the data for,” she said, nor can the appraisal district ever tell in any instance that “it’s one person or multiple people.”