Ashley Madison hack spurs Illinois, local counties to check email addresses – Chicago Tribune
Illinois and local authorities are investigating whether public employees used government email accounts to access Ashley Madison, the dating website for cheating spouses whose database was reportedly hacked and posted online.
Gov. Bruce Rauner’s office and officials in Cook and Lake counties separately confirmed Thursday that the leaked data of purported Ashley Madison users — whose authenticity has not been verified — appear to include six state of Illinois email addresses and one Lake County email address.
“Of the six (state of Illinois) email addresses connected to the data breach, two are associated with people who no longer work for the state,” Rauner spokeswoman Catherine Kelly wrote in an email. “The administration has started an investigation to see if any agency policies were violated, and the agencies will take appropriate action. State agencies discourage using state emails for non-governmental purposes.”
Cook County officials also were investigating county email addresses in the data breach to determine if they are valid and whether county policy was violated, spokesman Frank Shuftan said.
“Employees are permitted minimal and incidental personal use of email, provided that such use does not constitute a prohibited use as defined in the policy,” he wrote. “Prohibited use includes sending lewd, offensive, pornographic and sexually explicit materials. Personal use of email that violates the Acceptable Use Policy may result in disciplinary action up to and including discharge.”
In Lake County, spokeswoman Jennie Vana said via email: “Our (information technology) security person is looking into this. I’m told it will take at least a day to review our database. So, we are investigating.”
This week, a group of hackers calling itself the Impact Team published what it claims is account information for tens of millions of Ashley Madison users after earlier announcing it had retrieved the data by breaching the site’s security.
Online security experts have said the leaked information, which includes names, street addresses, partial credit card numbers, and even height and weight, appears to be from the Ashley Madison site.
However, there is no independent confirmation that the leaked information is accurate. The email addresses may have been entered by impostors, officials said, so they were trying to confirm whether the email addresses matched actual users.
Since many workers juggle work and personal responsibilities, sometimes working from home or on their mobile devices, officials said that compliance with policies that ban personal use of government property becomes a question of how extensive or severe the use is found to be.
Copyright © 2015, Chicago Tribune