Thursday, May 23, 2013
AUGUSTA — The state’s online database of legislative activity has been taken offline, the result of a malicious attempt by an unknown hacker to manipulate the website’s coding.
On Thursday, information technology officials at the Legislature shut down the website’s bill status function, which allows users to follow legislation in real-time, such as roll calls, committee votes, amendments and fiscal notes.
The manipulated code inserted the addresses of extraneous websites that could have exposed users’ computers to harm if they clicked on the links, said Scott Clark, director of information technology for the Legislature.
“It’s not really a hugely harmful thing if you get the website down,” he said.
So that’s what information technology staff members did Thursday when they became aware of the problem. “We detected it and took the site offline,” Clark said.
The bill status section of www.mainelegislature.org is run by an outside vendor, International Roll-Call. It’s unclear if the malfunction has affected the websites of other state legislatures operated by the company.
“We’ve been talking to the vendor and they have plans to tighten their security a bit,” Clark said.
No one at International Roll-Call could be reached late Monday. The company’s website lists 76 clients, which include state legislatures, the U.S. House of Representatives and a handful of national parliaments as customers.
Clark said information technology staff members plan to meet Tuesday to update supervisors and further discuss the problem. It’s unknown at this point whether a data breach occurred.
Judi DelFranco, assistant secretary of the Maine Senate, notified subscribers to the state’s legislative activity notification system late Monday that the bill status function was down. She said she would send out a similar notification when service is restored.
While the function is down, some legislative information is accessible at http://bit.ly/b8QXKS.
Matthew Stone — 623-3811, ext. 435