Illinois (ECWd) –
The Attorney General disclosed a ransom cyberattack on the computer systems in the morning of April 10, 2021, of their office in this press release published April 29, 2021.
With more than two months passing, the Attorney General is not only unable to search key records to comply with one of our FOIA requests from May 17, 2021, they were able to deny another with an interesting twist.
I asked for three simple things.
1. A copy of any ransom notice or demand received in relation to the hacking of the Attorney Generals’ computer files and website.
2. A copy of any request for a criminal investigation into the computer hacking of the Attorney General’s computer files and website.
3. A copy of any communications with entities claiming responsibility for the computer hacking of the Attorney General’s computer system.
Today the Attorney General’s office confirmed they have no record of any request for a criminal investigation into the computer hacking of their office computer files and website. Let that sink in, in light of one of the comments in the denial letter related to items #1 and #2.
“The records that we have determined are exempt under this section include the ransom note and information contained in our communications with the suspected perpetrators that relates to an ongoing criminal investigation and reasonably contemplated law enforcement proceedings of this office. Accordingly, the responsive records are exempt from disclosure under section 7(1)(d)(i).” (emphasis added)
They denied my request for items #1 and 2, citing very specific law enforcement-related exemptions, however, we must admit total confusion as to how they can claim numerous law enforcement-related exemptions in one breath, confirm there is an ongoing criminal investigation in another, then deny there is any record of a request for a criminal investigation? I wonder how those criminal investigations began?
As it stands, public officials who are required to take the mandatory Open Meetings Act and Freedom of information Act training are unable to do so as the site is still down with a claim the site is being repaired. They also point out, “There is no set completion date for the website repairs at this time”. As far as my May 17, 2021, FOIA request, we continue to agree to extend the time for compliance since they are still unable to search their files for the requested records.
You know things are pretty bad when the very agency that is supposed to oversee the people’s rights to records is unable to even access their own records to comply with FOIA.
A copy of the denial letter can be downloaded at this link or viewed below.FOIA 078 Closing Letter