Originally posted at 7:38 AM on 1/28/20
1/30/20 – 7:54 AM UPDATE: – The Director of External Affairs for Texas’ Public Utility Commission sent us the following statement last night in response to our story:
As you originally posted, January 28th began with the discovery that an as-yet-unidentified party had defaced the agency’s website, causing the home page to display a single banner image bearing the phrase ‘Hacked by Anonymous Iranian.’
While briefly obscured by the banner, the site itself was not affected. Access to the site was quickly restored and the server from which the tampering activity originated was blocked.
An ongoing forensic effort, in conjunction with the state’s data center and the Department of Information Resources, has shown no indication of association with a nation state.
As the site contains no confidential information, nothing sensitive was compromised.
Andrew Barlow, Director of External Affairs | PUCT
1/28/20 – 8:57 AM UPDATE: PUCT’s website is now back online.
As of 7:38 AM Central, the official Public Utility Commission of Texas (PUCT) website is offline, apparently hacked and defaced by someone claiming to be associated with Iran. Instead of the usual website that greets visitors trying to visit puc.texas.gov, visitors are now greeted with a message that claims the website was hacked by an “Anonymous Iranian.”
Here’s a closer look at the text/message left on the homepage:
US government officials have repeatedly and recently warned that utilities in the United States could be targeted by Iran as part of a cyber warfare campaign. To be clear, as of now it’s unclear if this hacking was state-sponsored, a private individual operating in (and/or support of) Iran, or someone simply using the moniker “Anonymous Iranian.”
While a government website being hacked is obviously a serious concern and breach in security, at the moment there’s nothing to indicate that any other system belonging to the PUCT — such as the “the grid,” the often-referenced target by security experts — has been compromised.
We’ve yet to see a statement issued by the PUCT or government officials, but it’s safe to assume that a thorough investigation will take place to determine if any other information, systems, etc, were accessed.
This is breaking news. We’ll update this post with more information as it becomes available.