AL Ministry of Education announces data theft and attempted cyberattack

MONTGOMERY, Ala. (WPMI) — Dr. Eric Mackey, Alabama Secretary of Education, announced at a press conference on Wednesday that an investigation is currently underway into an attempted cyberattack on June 17:

The Alabama Department of Education announced Wednesday that it is currently investigating a hacker attack on its systems that has actually resulted in data theft.

The attack took place on June 17th and was intercepted by the Information Services department and the hack was stopped. Data theft occurred and the department is still working to determine what information was stolen.

Dr. Erik Mackey said all systems were back up and running through backups.

ALSDE has set up a web page with information that will be unavailable for several hours due to planned upgrades.

Below is the full page if the state page is unavailable. https://www.alabamaachieves.org/databreach/

Data leak

What happened?

On June 17, Alabama State Department of Education (ALSDE) Information Systems (IS) personnel interrupted and stopped an attack on the department’s computer system. IS experts were able to interrupt and stop the attack before the hackers could access all of the attacked servers and lock down our own computer system.

However, the hackers managed to steal some data and disrupt our services before our staff disrupted and stopped the attack. ALSDE immediately began working with state and federal law enforcement, the Alabama Attorney General, the state’s Office of Information Technology, and an independent contractor who is considered an expert in anti-hacking response to bolster our cyber defenses and determine what data, if any, was compromised. The criminal investigation is ongoing and this page will be updated with new information as the investigation is completed.

What information was involved?

As mentioned, the criminal investigation is ongoing. While we do not yet know the exact content of the information, it is possible that the hackers accessed some personally identifiable information. The ALSDE does not collect information such as direct deposits and bank account information. Once it is fully determined what data may have been compromised, this site will be updated in full compliance with applicable reporting laws and best practices.

What do we do?

As with other public schools, agencies, hospitals, and businesses affected by criminal syndicates, it is disappointing and disheartening to learn that hackers were able to breach our security system and access data. In consultation with law enforcement, we have chosen not to negotiate with foreign actors and extortionists. The Federal Bureau of Investigation (FBI) never recommends bribing hackers as a policy. Because our team was able to interrupt the hackers and prevent them from encrypting the server, they were unable to conduct a denial-of-service attack. All data has been restored using clean backups. We have taken additional steps to secure the data. Due to the nature of the investigation and the sensitivity of publicly disclosing security measures, we cannot provide details about the steps we have taken at this time. Additional updates may be made to this page once the investigation is complete.

What can you do?

The Federal Trade Commission (FTC) recommends that you place a free fraud alert on your credit file. A fraud alert tells creditors to contact you before opening new accounts or making changes to your existing accounts. Contact one of the three major credit reporting agencies. Once one credit reporting agency confirms your fraud alert, the others will be notified to place fraud alerts. The first fraud alert stays on your credit report for one year. You can renew it after one year.

Equifax: equifax.com/personal/credit-report-services or 1-800-685-1111

Experian: experian.com/help or 1-888-397-3742

TransUnion: transunion.com/credit-help or 1-888-909-8872

Ask each credit reporting agency to send you a free credit report after it places a fraud alert on your file. Check your credit reports for accounts and inquiries you don’t recognize. These could be signs of identity theft. If your personal information has been compromised, visit the FTC’s website at IdentityTheft.govNew Window to report the identity theft and get steps to recover. Even if you don’t find any suspicious activity in your initial credit reports, the FTC recommends that you check your credit reports regularly so you can identify problems and fix them quickly.

You may also want to consider a free credit freeze. A credit freeze means that potential creditors do not have access to your credit report, making it less likely that an identity thief can open new accounts in your name. To initiate a freeze, contact any of the major credit bureaus using the links or phone numbers provided above. A freeze will remain in place until you ask the credit bureau to temporarily lift it or remove it.

We’ve included information from the FTC’s website (IdentityTheft.gov/databreach New Window) that tells you how to protect yourself from identity theft. The steps depend on the types of information exposed in this data breach.

If you notice someone opening new accounts using your information, you should report it to your local police and the FBI at IC3.gov.

Other important information

We will update you with further information once we have completed the investigation.

For more informations.

Please send emails to [email protected]

REGARD