The Orange County District Attorney’s Office found itself at the center of a cybersecurity crisis as it reported a “breach” that occurred on a Friday and was officially disclosed the following Monday.
Furthermore, this alarming development raised significant concerns, especially as the office had been addressing cybersecurity issues highlighted in a 2021 report by internal county auditors. The auditors had identified three “critical” and five “significant” weaknesses within the DA’s cybersecurity controls, including the risks of unauthorized access and the presence of “malicious” malware within their systems.
Promptly responding to the situation, the DA’s office took immediate action, shutting down the affected systems upon receiving alerts from its cybersecurity infrastructure. A comprehensive investigation was initiated to ascertain the source of the attack. The office also implemented a series of protocols aimed at ensuring the continued efficiency of the Orange County criminal justice system and isolating network communications to mitigate the incident’s effects.
Despite these efforts, questions regarding the extent of the breach and the security of the compromised data remained unanswered as of Monday afternoon. Cybersecurity issues have been a contentious topic in the county government, with a history of vulnerability to hacking and malicious activities stemming from outdated software and former employees retaining access to critical systems.
The recent follow-up on the DA’s cybersecurity report revealed that, as of September 30, 2022, only five of the recommended security measures had been implemented, leaving six still in progress. Although the breach appears contained within the DA’s office, the incident underscores the pressing need for robust cybersecurity across all county departments.