Threat actors known as DoppelPaymer claim to have attacked the Illinois Attorney General’s Office. And on April 13, the AG’s office acknowledged that they were investigating a network compromise:
April 13 — Attorney General Kwame Raoul today announced the Office of the Attorney General’s network has been compromised. Attorney General Raoul released the following statement:
“In the early hours of Saturday morning, it was discovered that the office’s network was compromised. Since then, information technology staff and investigators from the Attorney General’s office have been working closely with federal law enforcement authorities to evaluate the extent to which the network was compromised.
“This investigation is ongoing, and I am committed to resolving this situation as soon as possible to ensure that the Attorney General’s office can continue to provide critical services to the people of Illinois.”
The investigation into the extent to which the Attorney General’s office’s network was compromised is ongoing. Additional information will be made available at a later date.
No update has been posted since then.
For its part, the threat actors have posted less than a handful of old files that contain some personal information, but nothing particularly critical to any current investigations or personnel data.