St. Joseph County officials address fax service hack
ST. JOSEPH COUNTY, Ind. - An Iranian cybercrime group, known as ‘Handala Hack, claims to have breached St. Joseph County’s IT infrastructure.
The group claims it accessed thousands of official county documents. Images reviewed by ABC57 appear to show detailed and unredacted police case, medical, and social security information.
County officials say it was a third party that was hacked, outside of its firewall and systems.
Federal, state, and local resources are now involved, the county's IT director saying they have been in contact with the federal government, the state, and CISA. He also tells ABC57 they started the investigation after the hacker sent out faxes on March 31st.
The St. Joseph County Board of Commissioners sent a statement on Thursday addressing the hack:
“St. Joseph County recently identified unauthorized access involving an account connected to an external fax service used by the county. This service operates separately from the county’s internal network. There is no evidence at this time that any internal systems or county services have been affected. We are actively investigating to determine what information, if any, may have been involved. At this point, there is no indication of any disruption to county operations. Out of an abundance of caution, we are working closely with federal and state partners to fully assess the situation and ensure the continued security of our systems. Protecting the security of our systems and the information entrusted to us remains a top priority. We will provide updates as more information becomes available.”
At a press conference in downtown South Bend on Thursday, St. Joseph County Assessor Michael Castellon said his office is aware of reports about the data breach involving county systems.
“I want to assure all residents that no data from the St. Joseph County Assessor's Office has been compromised. Property records, assessment data and appeal information remain secure,” said Castellon.