SALEM, OR — The Oregon Secretary of State has not been hacked. No sensitive data on our systems has been exposed. No systems related to election administration have been compromised.
The Oregon Elections Division learned on Monday that Opus Interactive — a web hosting provider used by the campaign finance firm C&E Systems — was the victim of a ransomware attack. C&E’s database was compromised, which includes their client’s log-in credentials for ORESTAR accounts. As a result, the Secretary of State’s Office is proactively working to protect system integrity and requiring all users to reset their passwords.
“None of our systems have been compromised,” said Chris Molin, Oregon Secretary of State Information Systems Division Director. “Out of an abundance of caution, we are taking steps to protect isolated users impacted by the attack, and communicating proactively about the issue to prevent confusion.”
All affected ORESTAR users — 1,100 people — will receive a notification and have been sent detailed instructions on how to proceed.
Information on the ransomware attack is available on Opus Interactive’s website.