Tipsheet

Capitol Ransomware Attack Leaves House Members Unable to Contact Constituents

A major tech vendor used by members of the House of Representatives and other employees at the United States Capitol suffered a ransomware attack last month, Punchbowl News reported in its newsletter on Tuesday.

The vendor, iConstituent, provides a “Constituent Engagement Platform” for congressional offices and is trusted by dozens of its members. In the attack, the offices of nearly 60 legislators across both parties were compromised. Members victimized by the breach were unable to send or receive constituent email, according to Punchbowl News' newsletter.

Catherine Szpindor, the House Chief Administrative Officer (CAO), said that her office is "not aware" of any effect on data within the chamber.

“The Office of the Chief Administrative Officer was notified by iConstituent that their e-newsletter system was hit with a ransomware attack. iConstituent’s e-newsletter system is an external service available for House offices to purchase," Szpindor said in a statement. "At this time, the CAO is not aware of any impact to House data. The CAO is coordinating with the impacted offices supported by iConstituent and has taken measures to ensure that the attack does not affect the House network and offices’ data.”

The breach on Capitol Hill has become the latest in a series of attempted cyberattacks against the U.S. government. On Feb. 5, hackers gained access to a water treatment facility in Oldsmar, Florida, and unsuccessfully attempted to poison its water. This prompted the Biden administration to respond with an effort to strengthen power grid cybersecurity in April.

But last month, the computerized equipment of Colonial Pipeline — an oil pipeline that originates in Houston and carries oil to the Northeastern U.S. — was compromised by DarkSide, a criminal organization believed to be linked to the Russian government. This ransomware led to panic buying of gasoline across the East Coast, further driving up surging gas prices.

In addition to congressional offices, state governments in Georgia, Hawaii, and Nevada — as well as the California cities of Los Angeles and East Palo Alto — regularly use iConstituent’s constituent engagement platform. There is also no evidence that GovText, a similar iConstituent program allowing government officials to inform and engage with voters, was compromised in the ransomware breach.