Orange County DA’s Office hit by computer breach; communications system taken down

The agency said it isolated the system portion that was hacked to limit the damage.

Tony Saavedra. (Photo by Paul Bersebach, Orange County Register)

The Orange County District Attorney’s Office information technology system was hacked over the weekend, prompting the agency to shut down portions of the system while it investigates the extent of the damage, a spokesperson said Monday, Oct. 23.

Kimberly Edds said the office was alerted to the breach Friday by its cybersecurity program and immediately shut down the portion of the system that was hacked to prevent the damage from spreading to other areas.

She said the office is working with the FBI to investigate.

“We’re doing a full investigation and making sure we’re doing everything we can to mitigate the impact to public service,” Edds said.

She did not know what information had been breached or whether it was a ransomware attack. No ransom demand had been made, Edds said.

In a ransomware attack, a hacker enters a system and encrypts the data, leaving the owner unable to access it. If a ransom is paid, usually in cryptocurrency, the hacker will provide a decryption key to unlock the data.

“The extent (of the breach) is still being investigated,” Edds said.

Initially, the agency’s ability to send and receive email was affected.

“To contain any effects of the cybersecurity incident, we isolated our network communications,” said a news release sent by the office. “The District Attorney’s office immediately coordinated with partner agencies, including all law enforcement entities in Orange County, including the Orange County Sheriff’s Department.”

Two years ago, an internal audit found cracks in the district attorney’s cybersecurity.

The September 2021 audit recommended improvement in password controls for critical systems and controls to prevent unauthorized access. The audit also found that controls for malware defense should be beefed up.

Additionally, the audit noted incomplete backup data and the risk that data could not successfully be restored when needed. The audit warned that the installation, spread and execution of malicious code could result in data exposure and unauthorized access.

Other large government agencies in Southern California also have fallen victim to security breaches in the past year.

In May, the San Bernardino County Sheriff’s Department acknowledged that the county paid $1.1 million in ransom to hackers who infiltrated the department’s computers earlier this year. Hackers had blocked access to important data. The county paid half of the ransom and its insurance carrier paid the rest.

The Los Angeles Unified School District was hacked last year, compromising about 2,000 student assessment records as well as positive COVID test results, driver’s license numbers and Social Security numbers.