Kentucky, Arkansas say abortion ban leaks used publicly available data

The state governments of Kentucky and Arkansas said they launched investigations into data leaks that allegedly took place this weekend and officials from both states believe the information was already publicly available.

On Saturday, a group calling itself SiegedSec claimed on Telegram that it was leaking “internal documents and files retrieved from Kentucky's and Arkansas' government server." The group said it hacked the states because of their recent abortion bans.

Kentucky and Arkansas are two of the eight states in the U.S. that immediately banned abortion after the Supreme Court overturned Roe v. Wade on Friday, a result of "trigger laws" designed to prohibit the procedure following the ruling.

The group said the documents included “plenty of employee PII and lots more.” They included a 7-8 GB zip file allegedly containing the information and shared a sample of the documents on Telegram. 

“THE ATTACKS WILL CONTINUE! Our main targets are any pro-life entities, including government servers of the states with anti-abortion laws,” the group said. 

The messages were first reported by DataBreaches.net. The group told the website that they took the data in Arkansas from “a server for Arkansas’ Division of Land Surveys” and admitted that the Kentucky data did not “appear to be directly connected to any agency or department.”

Spokespersons for the governors of both states provided differing responses to the situation. 

Crystal Staley, a spokeswoman for Kentucky Governor Andy Beshear, told The Record that the Commonwealth Office of Technology (COT) is investigating claims made by the activist group.

“Information pertaining to Kentucky has been identified and while initial indications are that this is publicly available data that does not include personally identifying information, the state will continue its investigation,” Staley said in an email. 

“Federal law enforcement partners have been notified and COT’s information security officers remain on high alert.”

A spokesperson for Arkansas Governor Asa Hutchinson denied that the leak included any sensitive information.  

Shealyn Sowers, Hutchinson’s spokesperson, said government officials “became aware that a so-called hacktivists group claimed to have accessed and downloaded internal documents from the State of Arkansas systems.”  

“After initial analysis, our security teams have determined that there was no access beyond what is publicly available and only public record data was seen or downloaded,” Sowers said   

“The systems that were involved did not sit on the State of Arkansas network but rather in a public cloud provider. We continue to remain vigilant as we go about the process of keeping our systems secure.”

Hacktivists have long taken matters into their own hands but the practice has grown in prominence since the Russian invasion of Ukraine. Thousands have joined either side, targeting critical infrastructure and data-laden government organizations with distributed denial-of-service attacks and more.