Hackers Blamed For Data Breach That Compromised 300,000 - InformationWeek
Software // Information Management

Hackers Blamed For Data Breach That Compromised 300,000

The FBI's investigation into a January attack on an Illinois state agency's server is pointing away from an inside job.

The FBI's investigation into a data breach that compromised sensitive information on 300,000 people in Illinois is pointing to an outside hacker.

A hacker broke into the computer network at the Illinois Department of Financial and Professional Regulation this past January and accessed a server that held information on about 1,200,000 people who have licenses or applied for licenses with the department. Susan Hofer, spokeswoman for the department, said in an interview that about a quarter of the stored information was compromised.

The server, according to Hofer, held sensitive information -- names, addresses, Social Security numbers -- on people who hold or have applied for loan origination licenses or for real estate broker and agent licenses. The server also was being used to test new software.

The FBI and the Illinois State Police are investigating.

"The investigation seems to be pointing away from it being an inside job," said Hofer. "The investigation is ongoing, though."

She added that the breach appears to have happened in January, though it wasn't discovered until May 3. The department then contacted the FBI, which asked them to hold off on releasing any information about the breach until they could launch the investigation. Hofer said when they received the OK from the FBI on May 17, the department began sending out letters to those affected.

Since discovering the breach, the compromised server has been isolated and other systems are being checked.

People who think they may have been impacted by the breach and identity theft should check their credit card statements for suspicious activity, the department said. The state's Web site also suggests contacting the credit reporting bureaus and file a police department report if appropriate.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Don't Collect Biometric Data Without Providing Notice
Lisa Morgan, Freelance Writer,  2/1/2019
AI and the Next Recession
Guest Commentary, Guest Commentary,  1/24/2019
The Title Machine Learning Engineer Will Start to Disappear
Guest Commentary, Guest Commentary,  2/7/2019
White Papers
Register for InformationWeek Newsletters
Current Issue
Security and Privacy vs. Innovation: The Great Balancing Act
This InformationWeek IT Trend Report will help you better understand and address the growing challenge of balancing the need for innovation with the real-world threats and regulations.
Flash Poll