Jan. attack on Ala. IT system breached personal data; investigat - WSFA.com: News Weather and Sports for Montgomery, AL.

Jan. attack on Ala. IT system breached personal data; investigation tops $1 million

Posted: Updated:
MONTGOMERY, AL (WSFA) -

Alabama Department of Homeland Security Director Spencer Collier on Thursday revealed that some personally-identifiable information was indeed compromised during the January cyber-intrusion of the state's IT computer system.

Collier said no discoveries were immediately made of compromised, personal information, but were found as the investigation progressed. [Initial details of cyber-intrusion - 1/29/13]

"We promised the people of Alabama that if we discovered that any information was accessed, we would notify them as soon as possible," he said.

The information was related to a limited number of employees and vendors and may have contained information such as names, social security numbers and taxpayer identification numbers, the Department of Homeland Security said. No taxpayer records or returns were compromised in the cyber-intrusion. Director Collier declined comment when asked for any information on the scope of how many people are affected. 

"When we discovered the intrusion, we took immediate action," Director Collier said. "We activated a criminal investigation and worked with renowned IT experts to begin the processes of remediation of damages." Director Collier would not confirm if the investigation is being kept within the borders of Alabama.

Those whose information was compromised will receive help through credit monitoring services, Collier explained. The State of Alabama will also provide affected people with a one-year service to an identity theft service company.

When WSFA 12 News requested figures on the cost of the investigation, the ADHS said, "investigative services cost roughly $1 million dollars," and the credit security services will cost the Department under $100,000.

"Our investigation will continue, and we are doing everything within our power to address this issue," Collier said, adding that additional security measures have been added to protect the state's computer network.

The cyber attack was confirmed publicly on January 25, 2013, but Director of ISD Jack Doane said the state responded the attack more than a week earlier on January 16 by reviewing and preserving log data and through a change in all administrative passwords.

"ISD increased its perimeter defense and shut down all external access into the state network," Doane said. "Additional logging and log correlation was put in place to assist in the investigation and remediation plans."

State and federal agencies continue to investigate the source of the intrusion. No suspects have been named, but Collier said a review of the case leads authorities to the belief, though they admit they're not certain, that the attack came from a certain entity that does not have a history of malicious activity regarding personally-identifiable information.

This is not the first time the state's computer system has been compromised. In February 2012 hackers with the online "hacktivist" group Anonymous claimed responsibility for breaking into state servers in response to newly passed illegal immigration legislation.

Citing the negative impact on-going investigation, Director Collier said no other details regarding the case were being released at the current time.

INFORMATION SOURCE: Alabama Department of Homeland Security 

Copyright 2013 WSFA 12 News.  All rights reserved.

Powered by WorldNow