Arizona Confirms LulzSec HackState: No Evidence Public Safety Department Computers Breached
Characterizing LulzSec as cyberterrorists, department officials confirmed that LulzSec appeared to have gained access last week to the e-mail accounts of at least seven department employees, with the pilfered information posted online by the group.
Public safety officials said there was neither evidence the attack has breached departmental servers or computer systems nor of the larger state network. No evidence exists showing that records on criminal investigations and other sensitive matters had been compromised, DPS said.
DPS said it notified other law enforcement agencies and froze remote e-mail access for departmental employees. The state also activated the Arizona Counter Terrorism Information Center.
Employee privacy is of paramount concern, the state said. "The security of the seven DPS officers in question remains the agency's top priority and, since a limited amount of personal information was publicly disclosed as part of this breach, steps are being taken to ensure the officers' safety and that of their families," the statement said.
DPS said the state is taking the following steps to safeguard state agencies:
- 24/7 monitoring of the state's Internet gateway.
- Industry-standard firewalls, anti-virus software and other capabilities.
- IT security staff employed at each major state agency.
- Close coordination between the Arizona and state, federal and private-sector authorities regarding cyber-security issues.
"While the department noted that LulzSec has decided to disband, it does not diminish the intrusion into the privacy of our officers and the release of sensitive information," DPS said, "nor does this relieve them of their criminal responsibility which may include both federal and state charges."