Vendor for House offices hit with ransomware attack

Washington — A private company that provides constituent services to congressional and state government offices was the victim of a ransomware attack, becoming the latest entity targeted by cybercriminals amid growing calls for the U.S. companies to bolster their cyber defenses.

The Office of the Chief Administrative Officer of the U.S. House, which provides support services to congressional offices, confirmed in a statement to CBS News it was notified by the company iConstituent that its e-newsletter system was hit with the ransomware attack. Punchbowl News first reported the incident.

“iConstituent’s e-newsletter system is an external service available for House offices to purchase. At this time, the CAO is not aware of any impact to House data,” the office  said. “The CAO is coordinating with the impacted offices supported by iConstituent and has taken measures to ensure that the attack does not affect the House network and offices’ data.”

Senator Rob Portman of Ohio, the top Republican on the Senate Homeland Security and Governmental Affairs Committee, said in a hearing Tuesday that news of the incident demonstrates the breadth of entities vulnerable to such attacks. 

“Just this morning, news broke that a constituent outreach services platform that nearly 60 offices in the United States Congress, the House of Representatives, uses was hit with a ransomware attack,” he said. “As I’ve said before, no one is safe from these attacks including us.”

iConstituent did not immediately respond to a request for comment. 

The company’s website offers several tools to help federal, state and local government officials communicate with constituents, including a system that allows for the creation and distribution of digital newsletters and a platform for connecting with constituents and collaborating on casework. iConstituent lists among its clients the states of Hawaii, Georgia, and Illinois, as well as the city of Los Angeles, the New York State Assembly and Congress.

The Biden administration has urged U.S. companies to boost their defenses against cyberthreats after several companies were hit with cyberextortion schemes impacting the nation’s infrastructure and threatening U.S. food supply.

The Colonial Pipeline Company was forced to shut down its fuel pipeline, the nation’s largest, last month after it was hit with a ransomware attack by the Russia-based hacking group known as DarkSide. The company paid a ransom worth roughly $4.3 million in bitcoin amid fears of a prolonged shutdown, but the Justice Department announced Monday it recovered 63.7 bitcoins, valued at about $2.3 million, in ransomware payments.

Then, last week, the world’s largest meat processor, Brazil-based JBS, was forced to halt cattle-slaughtering operations at 13 of its meat processing plants in the U.S. after it was the target of a ransomware attack attributed to the Russian-speaking ransomware gang “REvil.” 

President Biden last month signed an executive order aimed at hardening the nation’s cyber defenses following the Colonial Pipeline attack, and the Justice Department said last week it will now handle ransomware investigations the same way it handles terrorism cases.