Washington state Administrative Office of the Courts hack due to unpatched ColdFusion vulnerability

Rachel La Corte has more on the hack reported earlier today on this blog:

The breach happened due to vulnerability in an Adobe Systems Inc. software program, ColdFusion, that has since been patched, court officials said. The hack happened sometime after September but wasn’t caught until February, they said.

[…]

Mike Keeling, the courts’ information technology operations and maintenance manager, said officials were alerted to the breach by a business on the East Coast that had a similar intrusion.

“They recognized our information in their breach log,” Keeling said, which led them to install the patch provided by Adobe and start an investigation.

[…]

Keeling acknowledged that confidential information should have been kept in a different area, “and now they are.”

“I can say nothing more than it was an oversight on our part,” he said.

Read more on Yakima Herald.

About the author: Dissent