Officials in multiple states are investigating claims by a suspected politically motivated hacking group that websites connected to local governments were breached or defaced.
This week, the SiegedSec group took to Telegram to claim cyberattacks on five state-run websites. The group shared photos of the websites being defaced, as well as allegedly stolen data. No motive for the attacks was listed in the post, but in previous attacks on government bodies in Texas, Kentucky, and Arkansas, the group explicitly referenced political issues that prompted their attacks.
While the hackers claimed to launch their previous attacks because of state-level bans on abortion and gender affirming care, some experts have urged people to be wary of any stated reasoning due to a general lack of information about who is running the SiegedSec accounts.
Corey Steel, state court administrator for the Nebraska Judicial Branch, confirmed that the Nebraska Supreme Court intranet was targeted, but no sensitive data related to court cases or personally identifiable information was compromised.
The South Dakota Bureau of Information and Telecommunications representative stated that no sensitive information was compromised in the attack on the South Dakota Boards and Commissions website. In Texas, the Texas Behavioral Health Executive Council was the focus of the attack. Darrel Spinks, the executive director of the organization, claimed that the council had not been hacked.
However, the Pennsylvania Provider Self-Service website and the South Carolina Criminal Justice Information Services (CJIS) website were both confirmed to be targeted by the group. The Pennsylvania Department of Human Services, responsible for the Provider Self-Service website, declined to comment on the attack, while the South Carolina Attorney General’s Office stated that they do not control the CJIS website.
SiegedSec, known for its hacktivist nature, has previously targeted various commercial and government organizations, primarily in Russia, as well as conducting smaller campaigns against South American governments, software companies, and healthcare providers.
The group’s leader, YourAnonWolf, has cited “fun” or “lulz” as the primary motivators behind their actions. Authorities are now working diligently to investigate the breaches, assess the extent of the attacks, identify vulnerabilities, and strengthen security measures to prevent future cyber incidents.
