The Oregon Secretary of State has not been hacked. No sensitive data on our systems has been exposed. No systems related to elections administration have been compromised.
The Oregon Elections Division learned on Monday that Opus Interactive — a web hosting provider used by the campaign finance firm C&E Systems — was the victim of a ransomware attack. C&E’s database was compromised, which includes their client’s log-in credentials for ORESTAR accounts. As a result, the Secretary of State’s Office is proactively working to protect system integrity and requiring all users to reset their passwords.
“None of our systems have been compromised,” said Chris Molin, Oregon Secretary of State Information Systems Division Director. “Out of an abundance of caution, we are taking steps to protect isolated users impacted by the attack, and communicating proactively about the issue to prevent confusion.”
All affected ORESTAR users — 1,100 people — will receive a notification and have been sent detailed instructions on how to proceed.
Information on the ransomware attack is available on Opus Interactive’s website.
The Oregon Secretary of State takes cybersecurity extremely seriously. We work with CISA, EI-ISAC, and the FBI year-round to ensure the integrity of our systems.
Source: Oregon Secretary of State