The Alabama state government has launched an investigation into a ‘cybersecurity event’ that reportedly impacted several state systems, although officials have assured that there was no theft of personal information from citizens. The Alabama Office of Information Technology (OIT) confirmed the incident was discovered on May 9, and has since engaged external cybersecurity consultants to secure and restore the affected systems. According to their statement, some state employees’ usernames and passwords were compromised, raising concerns over the security of governmental digital infrastructure. Further details can be found here.
Despite the serious nature of the event, the state government has disclosed little information surrounding the breach. Subsequent updates from OIT reiterated that no major disruptions to state services occurred and that residents’ personal identifiable information (PII) remains secure. In a statement, OIT emphasized that skilled technical resources are engaged to effectively manage the situation.
In a potential contributing factor to the breach, the USA’s Cybersecurity and Infrastructure Security Agency recently faced a significant budget cut which may have constrained its ability to share essential cyber threat information with state governments. Following the cut, the agency terminated its Cybersecurity Assistance Services Program, a service that provided no-cost security advice to state and local governments, leaving many without critical support during incidents like these. More on this funding cut can be found here.
In related news, a Kosovo man has been extradited to Florida to face charges related to his operation of an online criminal marketplace, BlackDB.cc, which sold stolen credit cards and personal data primarily from American individuals. The U.S. Department of Justice has charged Liridon Masurica, who operated the site since 2018, with multiple counts related to fraud, potentially leading to a sentence of 55 years if convicted. Details regarding these charges can be viewed here.