ATTORNEY GENERAL'S OFFICE ISSUES PUBLIC NOTIFICATION OF NETWORK COMPROMISE
Raoul Establishes Toll-Free Hotline and Provides Online Information to Residents
Chicago —Attorney General Kwame Raoul today announced the Office of the Attorney General is notifying the public in accordance with state statute, of a ransomware attack that has compromised the office's network. While the extent of the information compromised is currently under investigation, the Attorney General's office is launching a toll-free hotline and providing additional information to the public via its website.
The Attorney General's office, aided by law enforcement and external technology experts, continues to evaluate the full extent of the compromise, including identifying the information that was exposed and what was done with that information. At the same time, work is taking place around the clock to rebuild the office's network. In the interim, the Attorney General's office is launching a hotline that will go into operation at 8 a.m. Central time Friday. The Attorney General's office is providing additional information to answer individuals' questions and help them protect against identity theft.
"While we do not yet know with certainty what was compromised in the ransomware attack, we are working closely with federal law enforcement authorities and outside technology experts to determine what information was exposed, how this happened, and what we can do to ensure that such a compromise does not happen again," Raoul said. "This process will take time, but I understand that members of the public may have questions now, which is why I am establishing a toll-free hotline and making information available online. I am committed to transparency throughout this very sensitive process and will continue to provide updates that do not jeopardize the progress of our ongoing investigation or the security of our network."
What has since been identified as a ransomware attack was initially discovered in the early hours of Saturday, April 10 when employees were unable to access the office's network. The office launched an immediate investigation and has maintained close contact with federal law enforcement and external technology experts to determine which network components have been compromised. The office has continued regular operations to the extent possible while efforts to rebuild the network are underway.
Illinois statute requires residents to be notified if their information may have been compromised by a data breach. Accordingly, a public notification and answers to frequently asked questions related to the network compromise are now available on the Attorney General's website. The Attorney General's office has not yet determined what personal information on its network is impacted. However, information from the public stored on the office's network includes names, addresses, email addresses, Social Security numbers, health insurance and medical information, tax information, and driver's license numbers. The Attorney General's office routinely offers guidance to help residents protect themselves from identity theft, and today's public notice details steps people can take to protect their identities.
Attorney General Raoul also announced a dedicated toll-free hotline staffed by Rust Consulting Inc., a company that specializes in legal notifications. Beginning Friday, individuals who have questions about the network compromise can call the Attorney General's Computer Network Compromise Hotline at 1-833-688-1949, Monday through Friday between the hours of 8 a.m. and 5 p.m. Central time.
The Attorney General's office continues to evaluate the extent of the network compromise by ransomware. Additional details about the compromise and the personal information impacted will be made available on the Attorney General's website, to the extent possible, upon completion of the office's internal investigation and its work with law enforcement and external technology experts.
Please see the attached Important Notice from the Illinois Attorney General Regarding Computer Network Compromise, which can also be found on the Attorney General's website.