Cyber Incident Victim: Arkansas
Date:
Nov 2022
Location:
United States of America
Summary
A cyber attack targeting Apprentice Information Systems disrupted online services for over thirty Arkansas counties, forcing multiple county offices to operate offline or temporarily close. The breach prompted the software provider to take affected systems offline as a precaution, leading to widespread operational disruptions including handwritten record-keeping, halted tax payments, suspended deed filings, and inability to issue marriage licenses. While election systems remained unaffected due to separate servers, assessor, collector, clerk, and treasurer offices across impacted counties resorted to manual processes, with some offices closing entirely. The provider indicated restoration would occur only after ensuring system safety, estimating at least two days of downtime for critical government services.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 3 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
A cyber incident impacting multiple Arkansas county government offices began unfolding on or around November 5-6, 2022, when Apprentice Information Systems (AIS), a Rodgers-based software provider serving numerous counties, detected a potential security breach. The company initiated precautionary measures by taking affected systems offline, disrupting operations in at least 31 counties that relied on AIS for assessor, tax collector, clerk, and treasurer office functions. By November 7, widespread service interruptions were evident across county offices, with three counties (Arkansas, Pike, and Van Buren) experiencing complete internet outages for their offices. Counties using alternative providers—including Garland, Hot Springs, and Jefferson—remained unaffected, confirming the attack's limitation to AIS-managed systems.
The immediate consequence was a forced regression to manual processes, with employees handwriting records and transactions typically managed through AIS software for property assessment, tax payments, deed filings, marriage licenses, and land records. Offices in Saline and Faulkner Counties closed temporarily, while White County maintained operations using paper-based workflows and phone services despite significant delays. Yell County officials warned residents the outage would persist for at least two days, halting all digital services. AIS CEO Doug Matayo acknowledged the breach investigation but provided no restoration timeline, stating systems would return online only when deemed safe. County officials emphasized that while the disruption caused operational inefficiencies, critical election systems remained unaffected due to physical separation from compromised servers. Public records accessible through assessor databases were not confirmed as exfiltrated or manipulated, leaving the attackers' motives unclear during the initial response phase.