* Dan Petrella at the Tribune…
A state audit released earlier this year warned that Illinois Attorney General Kwame Raoul’s office had a “weaknesses in cybersecurity” that potentially left sensitive information on the agency’s computer network “susceptible to cyberattacks and unauthorized disclosure.”
Three weeks ago, a hack resulted in data being stolen from the attorney’s office in a ransomware attack, Raoul acknowledged in a statement Thursday.
A ransomware gang known as DoppelPaymer is believed to be behind the attack, in which some data from the attorney general’s office was posted online.
Ransomware is malicious software that infects a computer system. Those behind ransomware then demand money to allow the system to work properly again.
* From the audit…
Office management indicated a comprehensive internal cybersecurity risk assessment was not performed due to competing priorities within the Information Technology (IT) Bureau. In addition, the coronavirus pandemic further delayed IT initiatives since March 2020.
The lack of adequate cybersecurity programs and practices could result in unidentified risk and vulnerabilities which ultimately leads to the Office’s confidential and personal information being susceptible to cyber-attacks and unauthorized disclosure.