On Monday, Alabama’s Office of Information Technology announced that it was in the midst of responding to a “significant security breach” affecting certain state systems. According to OIT, the event was first detected Friday evening and some state employee usernames and passwords were compromised.
OIT reported that they have taken immediate steps to contain the situation while working with a leading third-party cybersecurity firm to investigate, secure, and restore impacted services.
“The security and reliability of our systems is a top priority. Temporary disruptions such as website accessibility, as well as email and phone communication, may occur, but our teams are actively working to establish a timetable and to ensure continuity of essential services to minimize any impact,” OIT said in an official statement.
“The event was first detected Friday evening, and teams have been working around the clock to identify and mitigate any impacts. The source of the cybersecurity event is being investigated, but all state employees are being reminded to be cautious for potentially malicious emails,” the statement reads. “Investigations are currently underway to identify the entity responsible for the cybersecurity event. Investigations are also underway to understand the full scope of the event, and while some state employee usernames and passwords were compromised, it is currently believed that no Alabamians’ personally identifiable information has been retrieved.”
This breach comes just over a year after various Alabama government agencies were hit by a “denial of service” cyber attack perpetrated by Anonymous Sudan, an online cybercriminal group responsible for tens of thousands of such attacks across the U.S. and around the world. During that event, it was reported that OIT was able to prevent any sensitive information stored on state computers from being breached.
As OIT continues to manage this most recent breach, it will be sharing ongoing updates and additional information with the public on the official OIT website.
