Cyber Incident Victim: Illinois State Police

On August 5, 2021, the Illinois State Police (ISP) publicly confirmed a cyber attack targeting their Firearm Owners Identification (FOID) card portal. The incident occurred on or around August 4, 2021, marking the third recent cybersecurity breach affecting Illinois state government entities following prior attacks on the Illinois Attorney General’s Office and the Illinois Department of Employment Security. The attack compromised the personal information of approximately 2,000 Illinois residents holding FOID cards, though the specific types of exposed data were not disclosed in available reports. The FOID system, which manages permits required for firearm ownership and ammunition purchases in Illinois, experienced operational disruptions due to the breach. No details were provided regarding the attack vector, duration of system compromise, or identity of threat actors.

The Illinois State Police initiated notifications to affected individuals following internal confirmation of the breach. Public disclosure occurred through media outlets one day after the agency verified the incident, though technical containment measures and forensic investigation specifics remained undisclosed. The breach occurred amid heightened scrutiny of state cybersecurity defenses following the two preceding attacks on other Illinois agencies. Impacts included potential exposure of sensitive applicant data processed through the FOID portal and temporary system accessibility issues. No information was released regarding whether attackers exfiltrated data, deployed ransomware, or demanded payment. The incident underscored persistent vulnerabilities in Illinois government infrastructure, though comparative analysis of attack methodologies across the three breaches was not documented in available sources.