The compromised data include Social Security numbers, health insurance and tax information
The office of the attorney general in Illinois has been victimised in a cyberattack by ransomware group DoppelPaymer.
Attorney General Kwame Raoul announced in a 29 April press release that the office’s network had been breached in the attack, compromising data such as the names, addresses, email addresses, Social Security numbers, health insurance and medical information, tax information and driver's license numbers of the public.
The ransomware attack was discovered early in the morning of 10 April. The office confirmed that it was working with law enforcement and external tech experts to determine the extent of the breach, and was working to reconstruct the compromised network while maintaining regular operations as much as possible.
“While we do not yet know with certainty what was compromised in the ransomware attack, we are working closely with federal law enforcement authorities and outside technology experts to determine what information was exposed, how this happened and what we can do to ensure that such a compromise does not happen again,” Raoul said.
According to the American Bar Association Journal, DoppelPaymer has released 68 documents it claimed were from the attorney general’s office. Some of the documents were related to judgments and state prisoners.
The group has threatened to post more documents, and the Chicago Tribune reported that as per a court document filed by Raoul’s civil rights division, the cyberattack left lawyers without access to work-related product and research. The Tribune also reported that the attorney general’s office had failed to conduct a comprehensive assessment of its computer systems to guard the public’s personal information even though a recent audit highlighted how the systems contained significant volumes of sensitive information.
Raoul said that he intended to open to the public about updates on the data breach.
“I am committed to transparency throughout this very sensitive process and will continue to provide updates that do not jeopardise the progress of our ongoing investigation or the security of our network,” he said in the 29 April press release.
He also said that the attorney general’s office was launching a toll-free hotline for queries and providing updates online. The office has also issued a public notice with instructions on how people can protect themselves against identity theft.