The progressive accounting firm C&E Systems has apparently been hacked. According to Jef Green with C&E Systems, "One of the cloud companies that we utilize was hacked but is expected to be back online within the next 24 hours and there was no sensitive data on the servers, except for some candidate Orestar profiles, all of which have been reset. The data that we lost access to is the same income/expense data that has already been reported to Orestar."

Green also said, "Some of client’s donation pages where down for a day but most also have ActBlue or another third party provider. Our C&E pages should be up and running tomorrow as well. We had to do some manual data entry into Orestar, but the client committees are not being affected."

C&E Systems manages campaign finance reporting for many progressive candidates including Secretary of State Shemia Fagan and Oregon Governor Kate Brown, among many others.

C&E Systems is hosted on Opus Interactive, which posted a statement on their web page.

Opus Interactive and certain Opus-hosted customer virtual servers and backups were hit by a ransomware attack which encrypted the server disk files. Industry-leading cybersecurity and digital forensics experts have been engaged to assist in our response to the incident. Our team is continuing to work towards resolution. No further information at this time.

Oregon Secretary of State Shemia Fagan has released a statement, saying, "The Oregon Secretary of State has not been hacked. No sensitive data on our systems has been exposed. No systems related to elections administration have been compromised."

The Oregon Elections Division learned on Monday that Opus Interactive -- a web hosting provider used by the campaign finance firm C&E Systems -- was the victim of a ransomware attack. C&E's database was compromised, which includes their client's log-in credentials for Orestar accounts. As a result, the Secretary of State's Office is proactively working to protect system integrity and requiring all users to reset their passwords.

“None of our systems have been compromised," said Chris Molin, Oregon Secretary of State Information Systems Division Director. "Out of an abundance of caution, we are taking steps to protect isolated users impacted by the attack, and communicating proactively about the issue to prevent confusion.”

A D V E R T I S E M E N T

A D V E R T I S E M E N T

All affected Orestar users — 1,100 people — will receive a notification and have been sent detailed instructions on how to proceed.

Secretary Fagan concluded, "The Oregon Secretary of State takes cybersecurity extremely seriously. We work with CISA, EI-ISAC, and the FBI year-round to ensure the integrity of our systems."


--Staff Reports

Post Date: 2022-05-10 07:26:24

Last Update: 2022-05-10 14:43:25