Richard Gootee reports:
Warrick County Prosecutor Michael Perry announced that some of the county’s child support files were affected by a computer virus last year, which was before Perry took office.
Perry laid blame for an alleged subsequent coverup of the incident at the feet of his predecessor — Jo Ann Krantz, whom Perry beat in the 2014 Republican primary election. In a news release, which was issued Monday, Perry said the office’s computer files were affected by a “cryptolocker” virus. Such a virus can infect a servers files and render them useless.
Read more on Evansville Courier & Post. Tri-State Media provides the full press release:
Shortly after taking office, I became aware of a possible breach of computer security that occurred in the Prosecutor’s Office sometime in March or April of 2014. This breach was the result of email that was infected with something known as a “cryptolocker virus.” This type of virus infects a servers’ files and encrypts them so that they are no longer useful. A secondary aspect of this particular virus is a message from the originator of the virus that for a certain amount of “cyber” money (e.g. bitcoin), the encryption would be reversed and the files restored.
Some of the files that were included in this security breach were those in the Child Support Division, which include potential identifiers such as Social Security Numbers, names, address, personal tax information, etc.
The duties and responsibilities of this office mandate that the elected prosecutor immediately notify certain government agencies of a suspected breach, including the I.R.S., the Federal Social Security Administration and the State Child Support Bureau, among others. After a thorough investigation, it was determined that such notification was never done. In fact, during this investigation, it was discovered the elected prosecutor at the time, Ms. Joann Krantz, not only failed to notify any of the respective agencies, she issued express orders to all employees that this matter was not to be discussed with anyone. This directive was contained in an email that stated, “Important reminder – “what happens in Vegas stays in Vegas” – including issues/problems we might have with software and equipment.”
Conversely, upon receipt of the information of the security breach, I immediately notified the District 8 Regional Child Support Representative of the suspected breach. This individual, in turn, notified the State Child Support Bureau, who then began an exhaustive investigation into this matter, which included cooperation among the Warrick County Prosecutor’s Office, the Federal SSA, the IRS and members of the State Child Support Bureau.
Several points of emphasis were gleaned from this investigation. First, under the direction of the elected prosecutor, the child support staff were improperly scanning Title IV-D cases and storing them in an unsecured fashion. Secondly, the elected prosecutor failed to fulfill the duties and obligations of her office by reporting the suspected breach and instead elected to suppress this information, which action hindered the subsequent efforts to determine if any personal information had been illegally obtained.
Finally, to the best information that all the invested parties can determine at this date and time, there appears to not have been any personal and identifying information obtained by impermissible parties as a result of this breach. All available resources have been marshaled to ensure that future breaches will be next to impossible. We, as law enforcement officials, are more than aware that identity theft is a very serious and ever increasing crime. The Warrick County Prosecutor’s Office assigns the protection of an individual’s personal, identifying information as a highest priority. If, however, by some illegal method, the computer servers of this office are invaded by some outside source, we can assure the general public that all appropriate authorities will be notified, all steps will be taken to protect the identities and identifying information of individuals who may have such on file with our office, and all individuals responsible for these criminal actions will be prosecuted.
Michael J. Perry
Warrick County Prosecutor