Alabama Investigates Cyberattack on State Systems

State officials in Montgomery, Alabama, are investigating a cybersecurity breach that compromised government systems beginning the evening of Friday, May 9, 2025. According to Governor Kay Ivey’s office, some state employee usernames and passwords were exposed. While the breach has caused limited disruption to state websites, email, and phone systems, there is no evidence at this time that the personally identifiable information (PII) of Alabama residents was compromised. The Office of Information Technology (OIT) is collaborating with a third-party cybersecurity firm to investigate and restore impacted services.

State employees have been warned to watch for malicious emails, suggesting a phishing-based intrusion may have been the initial attack vector. Officials emphasized that essential services are being prioritized, with teams working to establish a recovery timeline. A dedicated update portal has been launched, reflecting OIT’s stated commitment to transparency and timely public communication.

Alabama’s cyber event mirrors a national wave of attacks on state systems. In recent months, Oregon’s environmental agency was forced to halt statewide vehicle testing, Virginia’s Attorney General’s Office reverted to paper operations, and Rhode Island delayed action on a benefits system breach that exposed data of hundreds of thousands. Unlike these cases, Alabama's breach has not yet caused long-term outages or confirmed data theft, but it highlights the growing cyber risks faced by state governments amid rising attack sophistication and recovery costs.