State websites could be vulnerable to hackers
WAKE FOREST, N.C. (WTVD) -- A new potential flaw in North Carolina state websites could expose your personal information to hackers.
Clellie Allen is a small business owner in Wake Forest who brought this to ABC11's attention.
She said she went to use a state-operated website with her sensitive information, assuming it was safe. Her computer alerted her that the website was vulnerable to hackers.
She was trying to pay taxes for her business, The Wake Weekly newspaper.
"I had felt like it would be more secure to pay online than to send a check through the mail- but it's not!" she said.
She ran the Department of Revenue through an independent cybersecurity website and it got an 'F' grade.
She said she's been entering credit card, banking information, and other sensitive information on her company into the site for months.
"So if somebody were to take that information - they could pose as your company and do something," she said. "It is very scary."
The North Carolina Department of Information Technology which oversees the state's cybersecurity insisted in a statement that their sites are not vulnerable.
They also said when they became aware of the issue, they developed a plan to address the concerns.
They are not aware of any information being compromised, according to the state and that they regularly partner with the FBI and the Department of Homeland Security.
Craig Petronella, a cybersecurity expert at Raleigh's Petronella Technology group said the state's claims that its sites aren't vulnerable is an overstatement.
"I say that's impossible to say that because every website is vulnerable at some level," he said.
After ABC11 started investigating Tuesday afternoon, the North Carolina Department of Revenue's website was taken down for maintenance.
It is now back up with a disclaimer warning users they may need to upgrade software to use it.
