Alaska’s Department of Health and Social Services (DHSS) released a statement revealing that the security breach which attackers infiltrated DHSS networks was committed by a sophisticated attacker on a national level.
According to reports, the person gained access to the organization’s network through one of its publicly accessible websites before moving on to deeper resources.
Back in August, an update to the investigation showed that the intrusion was a direct, sophisticated attack and not a mere ransomware attack.
Scott McCutcheon, DHSS technology officer, commented on how advanced and sophisticated the attackers were: “This was not a ‘one-and-done’ situation, but rather a sophisticated attack intended to be carried out undetected over a prolonged period. The attackers took steps to maintain that long-term access even after they were detected.”
In the attack in question, the attackers gained access to “any data stored on the department’s information technology infrastructure,” including full names, dates of birth, social security numbers, and more.
For more information, read the original story in Arstechinca.
