Breach reported by attorney general confirmed to be ransomware attack
Send a link to a friend
[May 01, 2021]
By TIM KIRSININKAS
Capitol News Illinois
tkirsininkas@capitolnewsillinois.com
 SPRINGFIELD – A data breach reported by
Attorney General Kwame Raoul’s office nearly three weeks ago was a
ransomware attack, according to a Thursday news release.
Raoul’s office has launched a new hotline to provide information to
residents following the data breach first reported on April 10.
A Thursday news release stated that the office “continues to evaluate
the full extent of the compromise,” including what specific data may
have been compromised in the breach.
“While we do not yet know with certainty what was compromised in the
ransomware attack, we are working closely with federal law enforcement
authorities and outside technology experts to determine what information
was exposed, how this happened, and what we can do to ensure that such a
compromise does not happen again,” Raoul said in the release.
Raoul’s office stated that the purpose of the hotline is to allow
residents who may have concerns about the breach to receive answers to
their questions while the investigation is ongoing.
The hotline can be reached by calling 1-833-688-1949 between the hours
of 8 a.m. and 5 p.m. Monday through Friday.
The Chicago Sun-Times reported Thursday that a ransomware group
“potentially linked to Russia,” known as DoppelPaymer, had posted
documents it had stolen from the Attorney General’s office over a period
of two weeks.
Ransomware is a malicious software that collects the victim’s personal
data and threatens to publish it unless a ransom is paid to the hacker.
A public notice on the Attorney General’s website said that leaked
information could include sensitive personal information such as
individuals’ names, addresses and social security numbers.
[to top of second column]
|
Illinois Attorney General Kwame Raoul is pictured in
a file photo. (Capitol News Illinois file photo)
The notice stated that all information about the
breach, including the exact extent of what information was stolen,
will be made available at www.illinoisattorneygeneral.gov as it
becomes available.
When asked about the data breach Friday, Gov. JB Pritzker said the
ransomware breach was contained to the attorney general’s office
only, and that no other state offices or agencies were affected.
“We have federal authorities that are involved here and helping to
investigate. It's become a law enforcement matter at this point,”
Pritzker said.
Prtizker said law enforcement agencies are working closely with the
state’s Department of Information Technology to determine the extent
of the breach and rectify the situation.
“Government systems and your personal systems are all in some ways
under attack every day,” Pritzker added. “There are cybersecurity
needs that people need to follow in their personal lives with their
personal devices (or) their office business devices, and in
government, we're all trying to do that at the same time there are
foreign actors as well as domestic hackers that are trying to get
in.”
“It's a constant battle but we have a pretty good team that's
fighting it, and I know the Attorney General's Office is working
very hard to reverse the damage that was done,” he said.
Capitol News Illinois is a nonprofit, nonpartisan
news service covering state government and distributed to more than
400 newspapers statewide. It is funded primarily by the Illinois
Press Foundation and the Robert R. McCormick Foundation.
 |
