A hacker appeared to have broken into the state of Delaware’s treasury division website early Monday morning, posting an anti-Israel, pro-Palestinian message.
The message stated in part, "Hacking sites will not stop unless Gaza is free."
It is not known at what time the division's normal webpage was taken over. The hacker's message disappeared from the division's website around 9:35 a.m., and the entire website was restored within several hours.
Several other state websites, including DNREC, DelDOT, the Department of State, Veterans Affairs, the Department of Education and various state officials, appeared to be unaffected.
The reason may be that the Treasury’s website is not maintained through the state’s website, at Delaware.gov, but instead is managed by a third party, Hosting.com, of Newark, said Elaine Starkey, chief of security for the state’s Department of Technology and Information.
“[The Treasury] wanted their own look, so they decided several years ago not to go with the Delaware.gov website,” Starkey said.
A check showed at least several dozen other websites across the country also had been affected, including a Wilmington law firm. That firm reported their website had been fixed shortly after 11 a.m.
“It’s clear that this is related to a larger defacement campaign,” Starkey said.
“There are some weaknesses in the website that allowed [the hackers] to post that anti-Israel message on the website,” she added.
“They didn’t steal data, they just made the website look different.”
John Enright, president of HostMySite, a division of hosting.com, confirmed the compromise in an email to the Dover Post.
“At this time, we are confident that the attack only targeted the customer-managed application itself.
“While HostMySite and HOSTING did not install nor do we manage the affected application or its security protocol, we are working closely with the customer to mitigate the situation and provide the optimal path forward. The customer website is back online with all of its original content and design.”