The Illinois Secretary of State’s office is alerting Illinois residents about a recent data breach that affected the agency.
Last week, letters were sent to approximately 50,000 Illinois residents about a “data security incident” that took place in early April.
According to the letter, an unknown person gained access to the Lake County government computer system and sent a phishing email to employees in the Illinois Secretary of State’s office.
The letter indicates that names, as well as driver’s licenses and Social Security numbers, were possibly exposed. The agency offers free credit monitoring to affected individuals.
Additionally, the email accounts of two Illinois Secretary of State employees were infiltrated.
In a statement to NBC 5 Responds, the Illinois Secretary of State’s office clarified that while its email system was infiltrated, none of the agency’s databases, including those containing driver and vehicle records, were viewed. engaged.
The office added that they are strengthening their data security framework to protect against future attacks.
Below is the full statement offered by the Illinois Secretary of State’s office:
“We recently learned that an email was sent from an official email account of a Lake County government employee to two Illinois Secretary of State employees, which was later determined to be part of an attempt to phishing.
The office’s Information Technology Department and cybersecurity teams acted within hours to contain and mitigate the phishing incident and none of the agency’s databases, including those containing driver and vehicle records, was compromised.
The Secretary of State’s office takes these issues extremely seriously and has hired several outside cybersecurity experts to conduct a forensic audit to determine the source of unauthorized access, strengthen its data security framework against future attacks, and implement security measures. additional security and supervision.
While the incident appeared to target two individual employees, the bureau proactively notified anyone whose information could be affected and offered free credit monitoring services out of an abundance of caution and to alleviate any concerns related to the incident.
Since taking office, the Secretary of State has emphasized the need to overhaul his aging IT infrastructure and has made significant investments to improve personal data protection through additional partnerships with cybersecurity providers and the expansion of our cybersecurity within our IT Department. This incident reinforces that continued commitment.
“Although the incident originated from an official Lake County government email account, the office fully understands the frustration, inconvenience and concern that accompany such occurrences and appreciates the public’s patience.”
