Hackers Blamed For Data Breach That Compromised 300,000 - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Software // Information Management

Hackers Blamed For Data Breach That Compromised 300,000

The FBI's investigation into a January attack on an Illinois state agency's server is pointing away from an inside job.

The FBI's investigation into a data breach that compromised sensitive information on 300,000 people in Illinois is pointing to an outside hacker.

A hacker broke into the computer network at the Illinois Department of Financial and Professional Regulation this past January and accessed a server that held information on about 1,200,000 people who have licenses or applied for licenses with the department. Susan Hofer, spokeswoman for the department, said in an interview that about a quarter of the stored information was compromised.

The server, according to Hofer, held sensitive information -- names, addresses, Social Security numbers -- on people who hold or have applied for loan origination licenses or for real estate broker and agent licenses. The server also was being used to test new software.

The FBI and the Illinois State Police are investigating.

"The investigation seems to be pointing away from it being an inside job," said Hofer. "The investigation is ongoing, though."

She added that the breach appears to have happened in January, though it wasn't discovered until May 3. The department then contacted the FBI, which asked them to hold off on releasing any information about the breach until they could launch the investigation. Hofer said when they received the OK from the FBI on May 17, the department began sending out letters to those affected.

Since discovering the breach, the compromised server has been isolated and other systems are being checked.

People who think they may have been impacted by the breach and identity theft should check their credit card statements for suspicious activity, the department said. The state's Web site also suggests contacting the credit reporting bureaus and file a police department report if appropriate.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
9 Steps Toward Ethical AI
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/15/2019
How to Assess Digital Transformation Efforts
Lisa Morgan, Freelance Writer,  5/14/2019
Is AutoML the Answer to the Data Science Skills Shortage?
Guest Commentary, Guest Commentary,  5/10/2019
White Papers
Register for InformationWeek Newsletters
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
Flash Poll