Ransomware Attack on Illinois Attorney General

Here’s what the Attorney General has to say about something that happened to his office a while back:


Raoul Establishes Toll-Free Hotline and Provides Online Information to Residents

Attorney General Kwame Raoul today announced the Office of the Attorney General is notifying the public in accordance with state statute, of a ransomware attack that has compromised the office’s network. While the extent of the information compromised is currently under investigation, the Attorney General’s office is launching a toll-free hotline and providing additional information to the public via its website.

The Attorney General’s office, aided by law enforcement and external technology experts, continues to evaluate the full extent of the compromise, including identifying the information that was exposed and what was done with that information. At the same time, work is taking place around the clock to rebuild the office’s network. In the interim, the Attorney General’s office is launching a hotline that will go into operation at 8 a.m. Central time Friday. The Attorney General’s office is providing additional information to answer individuals’ questions and help them protect against identity theft.

“While we do not yet know with certainty what was compromised in the ransomware attack, we are working closely with federal law enforcement authorities and outside technology experts to determine what information was exposed, how this happened, and what we can do to ensure that such a compromise does not happen again,” Raoul said. “This process will take time, but I understand that members of the public may have questions now, which is why I am establishing a toll-free hotline and making information available online. I am committed to transparency throughout this very sensitive process and will continue to provide updates that do not jeopardize the progress of our ongoing investigation or the security of our network.”

What has since been identified as a ransomware attack was initially discovered in the early hours of Saturday, April 10 when employees were unable to access the office’s network. The office launched an immediate investigation and has maintained close contact with federal law enforcement and external technology experts to determine which network components have been compromised. The office has continued regular operations to the extent possible while efforts to rebuild the network are underway.

Illinois statute requires residents to be notified if their information may have been compromised by a data breach. Accordingly, a public notification and answers to frequently asked questions related to the network compromise are now available on the Attorney General’s website. The Attorney General’s office has not yet determined what personal information on its network is impacted. However, information from the public stored on the office’s network includes names, addresses, email addresses, Social Security numbers, health insurance and medical information, tax information, and driver’s license numbers. The Attorney General’s office routinely offers guidance to help residents protect themselves from identity theft, and today’s public notice details steps people can take to protect their identities.

Attorney General Raoul also announced a dedicated toll-free hotline staffed by Rust Consulting Inc., a company that specializes in legal notifications. Beginning Friday, individuals who have questions about the network compromise can call the Attorney General’s Computer Network Compromise Hotline at 1-833-688-1949, Monday through Friday between the hours of 8 a.m. and 5 p.m. Central time.

The Attorney General’s office continues to evaluate the extent of the network compromise by ransomware. Additional details about the compromise and the personal information impacted will be made available on the Attorney General’s website, to the extent possible, upon completion of the office’s internal investigation and its work with law enforcement and external technology experts.


Ransomware Attack on Illinois Attorney General — 5 Comments

  1. Now the question becomes can the citizens of Illinois sue the state for failure
    to protect (as in negligence) their personal/private/privileged info ?

    This is absolutely unacceptable and heads must roll for this outrageous incompetence.

  2. Here was another breach on a federal level, supposedly by an entity from China, during the Barak Hussein Obama Administration. From WIKI:


    “In June 2015, the United States Office of Personnel Management (OPM) announced that it had been the target of a data breach targeting personnel records.[1] Approximately 22.1 million records were affected, including records related to government employees, other people who had undergone background checks, and their friends and family.[2][3] One of the largest breaches of government data in U.S. history,[1] information that was obtained and exfiltrated in the breach[4] included personally identifiable information such as Social Security numbers,[5] as well as names, dates and places of birth, and addresses.[6] State-sponsored hackers working on behalf of the Chinese government carried out the attack.[4][7]

    The data breach consisted of two separate, but linked, attacks.[8] It is unclear when the first attack occurred but the second attack happened on May 7, 2014 when attackers posed as an employee of KeyPoint Government Solutions, a subcontracting company. The first attack was discovered March 20, 2014, but the second attack was not discovered until April 15, 2015.[8] In the aftermath of the event, Katherine Archuleta, the director of OPM, and the CIO, Donna Seymour, resigned.[9]”

Leave a Reply

Your email address will not be published. Required fields are marked *