Public Disclosure Commission hacked

The Associated PressSeptember 18, 2013 

The state Public Disclosure Commission’s network was breached earlier this month, though officials Tuesday said no information was compromised.

Michael Smith, chief technology officer for the state agency, said that the agency was notified by the state’s Consolidated Technology Services last week that a virus had hit the network on Aug. 17, but that the actual network incursion occurred Sept. 8.

Smith said the PDC was told by CTS that the incursion was initially believed to be domestic, but may have been done by a foreign government. Smith said no sensitive information was obtained or changed on the system, which contains financial records that are public records. The commission provides public access to information about financing of political campaigns and lobbying activities.

“We believe it was mostly for a reconnaissance mission to identify machines on our network,” Smith said.

However, David Postman, a spokesman for Gov. Jay Inslee, said there was no evidence of foreign involvement.

“Often it is a possibility that an attack can come from overseas, but in this case we are certain there is no good evidence that this was any foreign government,” Postman said in an emailed response. “There were foreign IP addresses, which is quite common in hacking attacks. This is considered a lower level attack.”

Smith said that CTS was notified of the breach by the FBI, which saw some of the agency’s user names and passwords on a reputed hacker’s website. Since the agency learned of the hack, Smith said that passwords have been changed, and CTS has been scanning its sites looking for potential points of vulnerability.

Postman said that the hack concerned a single computer application used, and that a total of four state agencies had used a similar application.

“As a precaution, we took them down and put up a firewall protection,” he said, but noted that no other agencies had been breached at this point.

Smith said the FBI is currently analyzing the breach. But Postman said that the FBI was not involved.

In an email, FBI spokeswoman Ayn Dietrich said she could neither confirm nor deny any investigation, but wrote “the public should be assured that the FBI takes seriously cyber intrusions that could compromise national security.”

This is the second known data breach in Washington state this year. In May, the state Administrative Office of the Courts announced that it was hacked sometime between last fall and February, when officials warned that up to 160,000 Social Security numbers and 1 million driver’s license numbers may have been accessed during a data breach of its public website.

The Olympian is pleased to provide this opportunity to share information, experiences and observations about what's in the news. Some of the comments may be reprinted elsewhere in the site or in the newspaper. We encourage lively, open debate on the issues of the day, and ask that you refrain from profanity, hate speech, personal comments and remarks that are off point. Thank you for taking the time to offer your thoughts.

Commenting FAQs | Terms of Service