California Department of Finance

The California Department of Finance, also known as California Dept. of Finance or DOF, is a key state government agency responsible for managing California’s financial resources and guiding fiscal policy. Its primary functions include developing the Governor’s annual budget proposal, conducting economic forecasts, analyzing fiscal legislation, and overseeing statewide accounting and financial reporting. The department plays a central role in coordinating financial strategy across California’s extensive government operations, ensuring alignment with legislative priorities and economic conditions. As the state’s chief financial planning entity, it provides critical data-driven recommendations to support policymaking and resource allocation decisions affecting education, healthcare, infrastructure, and other public services.

A significant cybersecurity incident involving the department occurred on December 12, 2022, when the LockBit ransomware gang claimed responsibility for breaching its systems and exfiltrating 75GB of data. State officials confirmed unauthorized network access, triggering a coordinated response from the California Cybersecurity Integration Center, Department of Technology, Military Department, and Highway Patrol. While authorities detected the intrusion proactively and verified that no state funds were compromised, the validity of LockBit’s data theft allegations remained under investigation. The attack highlighted the department’s exposure to cyber threats despite its operational safeguards and collaboration with specialized security agencies.

Despite the disruption, the department maintained continuity in core operations, including preparation of the Governor’s Budget—a critical document outlining California’s fiscal priorities and spending plans. The incident underscored the agency’s role as a high-value target due to its stewardship of sensitive financial data and its position within the state’s governance infrastructure. Ongoing investigations into the breach focused on determining the scope of data exposure while reinforcing cybersecurity protocols to protect essential financial systems. The department’s ability to sustain budgetary operations during the incident demonstrated its institutional resilience amid evolving cyber threats targeting public sector entities.