News

Vermont State Computer Hacked

A state computer containing names, Social Security numbers and bank account information for 70,000 Vermont residents was hacked into by a remote user sometime before early December, the state said Monday.

It is possible that the information has been used illicitly, though there is no indication of it, said Human Services Secretary Cynthia LaWare.

The state plans to send letters to the affected individuals urging them to monitor their bank accounts. It will also offer to pay for credit monitoring.

The Human Services computer was used as a tool to track non-custodial parents who owe back child support. The state and a number of banks exchanged financial information on the computer, which was taken out of service in early December after technicians discovered what they thought was a computer virus.

An examination completed last week revealed that the computer had been taken over by a remote user, possibly to relay video or launch attacks on other users, officials said. An episode of the television show "Bones" was found on the machine.

The computer remains offline, officials said.

About 12,000 of the affected individuals owed back child support. The rest of the names -- about 58,800 people -- were supplied to the state by the New England Federal Credit Union, which shared customer information with the understanding that only the data on child support debtors would be used.

New England Federal CEO David Bard said the 58,800 names represent almost the entire membership of the Williston-based credit union.

"We have a number of people who are going to be very frustrated and unsettled by this breach," Bard said. "This never should have happened."

LaWare said the state kept the information on the computer even though it wasn't needed. She couldn't explain why.

About 2,800 customers from eight additional banks and credit unions were also affected, the state said.

Featured

  • Microsoft Offers Support Extensions for Exchange 2016 and 2019

    Microsoft has introduced a paid Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering a crucial safety cushion as both versions near their Oct. 14, 2025 end-of-support date.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Notebook

    Microsoft Centers AI, Security and Partner Dogfooding at MCAPS

    Microsoft's second annual MCAPS for Partners event took place Tuesday, delivering a volley of updates and directives for its partners for fiscal 2026.

  • Microsoft Layoffs: AI Is the Obvious Elephant in the Room

    As Microsoft doubles down on an $80 billion bet on AI this fiscal year, its workforce reductions are drawing scrutiny over whether AI's ascent is quietly reshaping its human capital strategy, even as official messaging avoids drawing a direct line.