Skip to main content

The compromise of a web hosting provider used by a well-known campaign finance compliance firm prompted the state office of elections to require all users of its financial reporting system to reset their passwords. pass.

The Oregon Electoral Division, which is part of the secretary of state’s office, said on Monday it learned that Opus Interactive, which hosts the websites of campaign finance firm C&E Systems, had suffered a ransomware attack.

Although C&E Systems’ database, including login credentials for its clients’ accounts on Oregon’s campaign reporting platform, ORESTAR, was compromised, the Secretary of State’s office has said its own systems were not.

“No sensitive data on our systems was exposed,” Secretary of State Shemia Fagan said in a press release Monday. “No system related to the administration of elections has been compromised.”

Nonetheless, the Elections Division is working “proactively” to protect the integrity of its systems, an official with the secretary of state’s office said, and will require all ORESTAR users to reset their passwords. All 1,100 users will receive a notification with step-by-step instructions on how to proceed, the press release said.

“None of our systems were compromised,” said Chris Molin, director of the Oregon Secretary of State’s Information Systems Division. “Out of an abundance of caution, we are taking steps to protect isolated users impacted by the attack and are proactively communicating about the issue to avoid confusion.”

“The Oregon Secretary of State takes cybersecurity very seriously,” the press release said, noting that the office works year-round with federal cybersecurity agencies to probe and harden its systems.

Little information is available regarding the nature and extent of the ransomware attack.

“Opus Interactive and certain Opus-hosted virtual servers and client backups were hit by a ransomware attack, which encrypted files on the server’s disk,” reads a message posted at 6 a.m. Tuesday on the company’s website. society. “Leading cybersecurity and digital forensics experts have been engaged to assist us in responding to the incident. Our team continues to work toward resolution. No further information at this time.”