Illinois AG Office Hit by Ransomware After Security Warning


(TNS) — A state audit released earlier this year warned that Illinois Attorney General Kwame Raoul’s office had “weaknesses in cybersecurity” that potentially left sensitive information on the agency’s computer network “susceptible to cyber attacks and unauthorized disclosure.”

Three weeks ago, a hack resulted in data being stolen from the attorney general’s office in a ransomware attack, Raoul acknowledged in a statement Thursday.

A ransomware gang known as DoppelPaymer is believed to be behind the attack, in which some data from the attorney general’s office was posted online.

Ransomware is malicious software that infects a computer system. Those behind ransomware then demand money to allow the system to work properly again.


“While we do not yet know with certainty what was compromised in the ransomware attack, we are working closely with federal law enforcement authorities and outside technology experts to determine what information was exposed, how this happened and what we can do to ensure that such a compromise does not happen again,” Raoul said in a statement.

The office said “work is taking place around the clock to rebuild” its computer network.

Gov. J.B. Pritzker said at an unrelated event in St. Clair County that the attorney general’s office operates on “a completely separate platform from the rest of state government” and sought to assure residents the issue is not more widespread.

“Nobody should be afraid that state government systems are under attack today,” Pritzker said.

A routine audit prepared last year and released in February noted that the attorney general’s office, which represents the state in court and is involved in consumer protection issues, “maintains computer systems that contain large volumes of confidential or personal information such as names, addresses and Social Security numbers of the citizens of the state.”

The audit, prepared for the state auditor general by accounting firm West & Co., found that the agency “had not performed a comprehensive formal risk assessment to identify and ensure adequate protection of information (i.e., confidential or…
