***FOR IMMEDIATE RELEASE***
October 3, 2019
North Carolina State Bar Target of Ransomware Attack
A cybersecurity incident occurred this week at the State Bar.
At 8:45 pm on Monday, September 30, the North Carolina State Bar was the target of a ransomware attack. This attack, which was quickly discovered by the State Bar monitoring system, infiltrated the network through a server and began encrypting (locking up) the system, server by server. A rapid response team immediately began disconnecting the servers and workstations in an attempt to stop the spread of the ransomware. While this effort was successful in stopping the spread of the ransomware, the system must now be restored and repaired using backup data. At this stage, there is no indication that any State Bar data, including personally identifiable information, was appropriated. Access to the State Bar website and Membership/CLE portal is currently unavailable while we work to restore and repair our system.
We are conducting an analysis of the attack and aftermath to put the State Bar in the best position to prevent this from happening again. We are also following through with our notice obligations and are obtaining the assistance of the appropriate state and federal agencies. No ransom has been paid.
We apologize for any inconvenience to the citizens and lawyers of North Carolina. We are working around the clock to get our systems up and running as soon as possible.
Please note that this disruption should not impact our ability to host and live stream tomorrow’s Opioid Summit at the State Bar Headquarters in Raleigh.