More Stories






Connecticut Department of Children and Families speak out on phishing incident
The Connecticut Department of Children and Families (DCF) spoke out regarding the phishing incident that impacted their employees on May, 20, 2026.
The DCF explained that its employees received an external sophisticated phishing email, the DCF stated the attacker appeared to download emails from two DCF accounts. It went on to say the investigation regarding the attack remains ongoing.
The DCF say that on the same day, the Department of Administrative Services (DAS) expelled a cyber attacker from state systems.
The malicious email was proactively removed from all user inboxes across the agency.
The state of Connecticut has made appropriate referrals to law enforcement, and that investigation also remains active.
The Connecticut Administrative Services Director of Communications Leigh Appleby had the following to say about the phishing incident.
"Generally speaking, the state’s first priority is prevention. Phishing attacks are becoming more common, more complex, and more convincing, particularly as bad actors use artificial intelligence and other tools to make fraudulent messages appear legitimate." Appleby stated. "State employees receive regular cybersecurity training to help raise awareness, recognize suspicious messages, and prevent these types of attacks from succeeding in the first place."
DCF says it is working closely with DAS and the Office of the Attorney General to ensure compliance with all applicable statutory notice requirements related to the compromised information.