State budget department hit with cybersecurity ‘intrusion’
SACRAMENTO — Gov. Gavin Newsom’s administration is responding to a cybersecurity “intrusion” at the department that oversees the state budget, the administration announced Monday.
The administration is “actively responding to a cybersecurity incident” at the California Department of Finance, according to a statement from the California Cybersecurity Integration Center, which coordinates cybersecurity work across state government agencies.
A source close to the investigation who asked not to be identified because of security concerns said the FBI and other federal agencies are investigating the incident alongside state agencies.
The Cybersecurity Integration Center statement said that no state funds were compromised. The Department of Finance is in the middle of preparing Newsom’s budget proposal for the upcoming 2023-24 year, which is due in January. The administration said the department is continuing that work despite the incident.
The source close to the investigation said the incident is not expected to prevent the governor’s office from releasing its budget plan by the Jan. 10 deadline outlined in state law. The source also said the administration took the Department of Finance website down for a period over the weekend to check for security issues after discovering the incident and redirected users to a maintenance page. The site was back online Sunday.
State and federal “security partners” coordinated to identify the intrusion, according to the statement. The Governor’s Office of Emergency Services, the Department of Technology, the California Military Department and California Highway Patrol are all working to respond and investigate the incident.
The administration did not provide any additional details about the incident, including when it occurred, how and when it was identified or what information may have been exposed to hackers.