Multiple government of Guam websites were hacked following a global internet security flaw, but the Office of Homeland Security/Civil Defense said there is no confirmation that sensitive personal information has been compromised.
On Saturday, Gov. Lou Leon Guerrero ordered an immediate, government-wide assessment of all potentially impacted agencies.
Possible worst-case scenarios under review include potential data disruption, deletion, or encryption consistent with ransomware-type activity, according to Homeland Security.
The cyberattack involves a vulnerability affecting all cPanel-hosted websites. The Shadowserver Foundation, a non-profit security organization, estimated that tens of thousands of servers could be affected.
In a statement on its website, the U.S. Cybersecurity & Infrastructure Security Agency said “this type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.”
On Guam, the Office of Technology is leading response and recovery efforts and restoring services using available backups where possible.
Immediate patching and system hardening measures are being implemented to prevent further exposure.
“This is a serious situation, and we are treating it with urgency and discipline,” Leon Guerrero said. “Our focus is clear: secure our systems, protect the public, and restore services safely and as quickly as possible.”