In Alaska, some Department of Health and Human Services (DHSS) systems continue to be out of order after being hit by a government offensive in May.
As a result of the attack, an unknown number of people may have had their personal information stolen. This information could include names, dates of birth, social security numbers, phone numbers, health information, financial information and other data that could be exploited by various hackers.
Due to the sensitive nature of the information and the potential for abuse, DHSS urged all Alaskan citizens who provided their data to DHSS to take action to protect themselves.
The possible breach of personal information has just been revealed, despite the fact that the incident was first identified in May.
Also four months after the initial attack, some DHSS Internet services have not been restored and there is no timetable for when they will return to normal operation.
The attack started with the use of an unspecified exploit against a vulnerable website and spread from there. The state is not providing additional information at this time because "providing further specific details could give our attackers information that would help other hackers succeed in future cyber attacks."
The cyber security company FireEye began investigating the attack and identified those behind it as "a highly sophisticated group known for conducting complex cyberattacks against organizations involving state governments and health care providers" - but has not yet released further details. However, DHSS states that it was not an ransomware attack.
As a result of the attack, DHSS says it is taking steps to strengthen the cybersecurity of networks to prevent future incidents.
Source of information: bleepingcomputer.com