Illinois AG Raoul Spends $2.5M On Ransomware Hack: Report
CHICAGO – Illinois Attorney General Kwame Raoul’s office spent more than $2.5 million for cybersecurity after a ransomware hack in April that put the personal data of an unknown number of residents at risk and came after federal authorities told him that his office’s cybersecurity systems were lacking.
Raoul declined to acknowledge just how much hackers were demanding in the attack, but told the Better Government Association and Chicago Tribune that he was angered, frustrated and embarrassed by the attack.
“Notwithstanding whatever the amount was, it’s our philosophy as state head law enforcement agency that paying criminals is not something we do and not something we contemplate doing,” Raoul told the outlets earlier this week.
On April 21, several gigabytes of files apparently taken from the attorney general’s office were uploaded to a dark web website called Dopple Leaks, which contains “private data of the companies which were hacked by DoppelPaymer,” a ransomware gang.
State law requires businesses and institutions to notify residents when their information has been compromised by a data breach, so the attorney general’s office posted a public notice saying officials were unaware of what was stolen.
At the time, Raoul said that the cyberattack had compromised his office — and warned Illinois residents to guard themselves against identity theft. Raoul said in a news release that information that became compromised included names, addresses, social security numbers, account numbers, health insurance, tax, medical, driver’s license and “other such information.”
The more than $2.5 million will be used to protect Raoul’s office and will go toward rebuilding computer systems, getting his office back online and notifying residents that their personal information may have been compromised in the attack, the Better Government Association reported.
In the meantime, Raoul’s office remains largely offline, which has forced business to be conducted through the mail or over the telephone. Despite the process of having to essentially rebuild his office’s online access system, Raoul told the two news agencies that he never considered paying the ransom that was being sought by hackers.
The Better Government Association reported that Raoul’s office budget received an $8 million boost from state legislators after the attack. The majority of the funding is expected to help the office recover from the attack and beef up its cybersecurity systems, the report stated.
The attack came after Raoul was notified by federal officials that his office would be undergoing an audit due to deficiencies in its cybersecurity programs, the Better Government Association reported this week.
He said that the fixes have come slowly due to the ongoing federal investigation. Raoul said that his office wanted to do things in a cautious manner as to not “jinx our process,” the outlets reported.
“It’s important to do this the right way, that we don’t compromise the security of our network and our investigation,” he said, according to the Better Government Association report. “And if we rush, we could find ourselves right back … where we are.”