Some Arizona lawmakers may have fallen victim to a hacking scam this week.
In an email forwarded to the legislature, Mike Lettman, chief information security officer for the State of Arizona, wrote that multiple senators and legislative staff received emails from what appeared to be the state’s human resources department prompting employees to reset their passwords.
According to Lettman, senators who clicked on the link provided in the suspicious email and changed their passwords received a screen in Russian.
“At this point, anyone who clicked on the link or changed their HRIS password has their login and password compromised,” he said.
It’s possible that their desktop or laptop was also affected, Lettman said.
The Arizona Department of Administration has shut down the external access system until the problem is fully assessed. The system is expected to be accessible again on Monday.
A voicemail seeking additional information about the phishing attempt left with Arizona Strategic Enterprise Technology, the state agency which oversees information technology, was not immediately returned.