Ransomware attack costs Illinois attorney general's office more than $2.5M – Chicago Tribune
Ransomware attack costs Illinois attorney general’s office more than $2.5M Chicago Tribune
Tag Archive for: Illinois
Make security fixes or expect more waves of identity fraud, Illinois lawmakers are warned | State & Regional
For years, experts including Talcove have warned states that massive amounts of stolen personal information, obtained in recent years through various computer hacks, could allow thieves to trick unemployment agencies into sending benefits to the wrong people. Incidents of this so-called impostor fraud exploded during the pandemic.
Talcove said a vendor could stop the flood of bad claims for about $1 million a year, using the kinds of systems the private sector has employed for years. He recommended the state seek competitive bids among qualified firms, including his own.
IDES has said it’s working toward better security but worries tighter defenses may block out people who legitimately qualify for cash.
Talcove said security can be tightened without hurting legitimate claimants.
“With the technology that exists, you can have it. You can get a package delivered by Amazon in a trustworthy manner. You can make a transaction on a bank account and be safe,” he told lawmakers. “You can have the same thing with government programs.”
Illinois has yet to release figures on how much money was stolen, but Talcove said he suspects it’s at least $1 billion.
Talcove warned that instructions on how to steal from states are available for sale on unindexed, encrypted parts of the internet called the “dark web,” including a kit about stealing from IDES that costs $15.
Illinois Legislation Limits Non-Competes, Restrictive Covenants
The Illinois General Assembly recently passed Senate Bill 672 (“SB 672” or the “Bill”), which codifies Illinois common law standards for enforceability for covenants not to compete or solicit and imposes several additional statutory limitations on employers’ ability to enter into and enforce post-employment restrictive covenants. The Bill, which is expected to be signed into law by the end of the year, follows a nationwide trend among Democratic state legislatures enacting laws designed to limit the use or utility of various restrictive covenants in the employment setting.
Under SB 672, a covenant not to compete or solicit is void and unenforceable, subject to judicial reformation, unless: (1) the employee receives adequate consideration; (2) the covenant is ancillary to a valid employment relationship; (3) the covenant is no greater than is required for the protection of a legitimate business interest of the employer; (4) the covenant does not impose undue hardship on the employee; and (5) the covenant is not injurious to the public. The Bill codifies the holding of Fifield v. Premier Dealer Services, 2013 IL App (1st) 120327, by defining “adequate consideration” as (a) two years of continuous employment after signing the agreement; or (b) alternative consideration, such as “a period of employment plus additional professional or financial benefits or merely professional or financial benefits adequate by themselves.” This is noteworthy as some courts applying Illinois law have declined to apply Fifield’s holding taking the position that it does not correctly state Illinois law. Following SB 672’s enactment, it is likely that Fifield will be followed by courts across the board, even when interpreting restrictive covenants entered into before the Bill’s effective date.
Likewise, the Bill incorporates the holding of Reliable Fire Equipment Co. v. Arredondo, 965 N.E.2d 393 (Ill. 2011), by adopting its “totality of the facts and circumstances” standard for determining an employer’s legitimate business interest. The Bill further provides a non-exclusive list of factors to be considered by courts when determining the employer’s…
Illinois AG Office Hit by Ransomware After Security Warning
(TNS) — A state audit released earlier this year warned that Illinois Attorney General Kwame Raoul’s office had a “weaknesses in cybersecurity” that potentially left sensitive information on the agency’s computer network “susceptible to cyber attacks and unauthorized disclosure.”
Three weeks ago, a hack resulted in data being stolen from the attorney’s office in a ransomware attack, Raoul acknowledged in a statement Thursday.
A ransomware gang known as DoppelPaymer is believed to be behind the attack, in which some data from the attorney general’s office was posted online.
Ransomware is malicious software that infects a computer system. Those behind ransomware then demand money to allow the system to work properly again.
“While we do not yet know with certainty what was compromised in the ransomware attack, we are working closely with federal law enforcement authorities and outside technology experts to determine what information was exposed, how this happened and what we can do to ensure that such a compromise does not happen again,” Raoul said in a statement.
The office said “work is taking place around the clock to rebuild” its computer network.
Gov. J.B. Pritzker said at an unrelated event in St. Clair County that the attorney general’s office operates on “a completely separate platform from the rest of state government” and sought to assure residents the issue is not more widespread.
“Nobody should be afraid that state government systems are under attack today,” Pritzker said.
A routine audit prepared last year and released in February noted that the attorney general’s office, which represents the state in court and is involved in consumer protection issues, “maintains computer systems that contain large volumes of confidential or personal information such as names, addresses and Social Security numbers of the citizens of the state.”
The audit, prepared for the state auditor general by accounting firm West & Co., found that the agency “had not performed a comprehensive formal risk assessment to identify and ensure adequate protection of information (i.e., confidential or…