Phishing incident gets Oregon.gov blacklisted by Microsoft email services
Yet another government employee has fallen for a phishing email, and this time it’s Oregon state government’s email service that is suffering the consequences.
A statement at the top of Gov. Kate Brown’s website Wednesday notifies visitors that “issues with the @oregon.gov domain are preventing communication from state employees with an @oregon.gov email address.” Specifically, the state is unable to send emails to people with outlook.com, hotmail.com, msn.com, or live.com email addresses because those Microsoft-owned services have blacklisted Oregon.gov since a state employee clicked on a link in a phishing email over the weekend.
An internal memo sent to agency directors this week says the incident generated “over eight million spam emails from an Oregon.gov email address.” The incident was caught by technology officials on Monday, but not before Oregon.gov’s email sender reputation score had been downgraded and communications with any residents using several popular email services interrupted.
A sender reputation score is 0 to 100 rating used to evaluate the trustworthiness of a domain’s emails, similar to a credit score, but for email.
A spokesperson from the governor’s office told StateScoop, by email, that the state’s technology offices are working to fix the problem. The Department of Administrative Services Information Technology program is working with Enterprise Technology Services and the Enterprise Security Office and are “going through the proper channels to restore the Oregon.gov reputation score,” the statement says.
The incident is expected to take “some time” to resolve.
The governor’s office noted that this incident is a good opportunity to remind staff of the importance of information security, and shared an unlisted YouTube video about phishing included in a series of videos the state uses to educate its employees of various IT security risks.
The incident is just one of many cybersecurity incidents affecting state and local government each week as a result of either inadequate cybersecurity protections or a lack of training and awareness, or both.