Hackers on Tuesday morning targeted the Minnesota Senate’s website that forced it to go offline for the major part of the day, reports Star Tribune. During the breach, the hackers were able to access a file of passwords used by the senators and staff.
In an email written to the senators and staff, Secretary of the Senate Cal Ludeman informed that the Senate’s server was “hacked and accessed for several minutes” starting at 4:24 a.m. Tuesday. As a precaution, the SIS (Senate Information Services) brought down the server and with the help of Minnesota IT and the FBI, and they were able to trace what was accessed within the server, namely the Passwords File, his email said.
“The Passwords File that was accessed as well as passwords to our main database server have all been reset and log files checked to assure there is no further unauthorized access to the servers. These passwords also included the Senate WiFi password. As a result, the Senate WiFi network was brought down to reset and test as another precaution. This Passwords File does NOT contain passwords to Senator or staff emails or login accounts, nor does it have access to the server that has that information. The original website breach caused SIS staff to slowly rebuild pages as they confirmed them to be secure. This will be an ongoing process … .,” read a part of Ludeman’s email.
Ludeman also noted that the same hacker group has targeted 10 state agencies, including the governor’s office, in recent days.
Meanwhile, the Minnesota Senate’s official website was back up and running on Tuesday evening. A spokeswoman for Minnesota IT confirmed that there was no evidence of a data breach.
It’s unknown whether the Senate attack is connected to the series of DoS (denial of service) cyberattacks that have been targeting the state’s computer systems following the death of George Floyd in police custody. Many state agencies were targeted as well as other websites have also experienced outages due to cyberattacks.
However, Gov. Tim Walz in a weekend news conference said that “a very sophisticated denial-of-service attack on all state computers was executed” as the state prepared its response to riots on Saturday.