BISMARCK, N.D. (KFYR) – On Thursday, May 21, thousands of North Dakotans received notification emails from ND Information Technology regarding a phishing scam.
No harm was done, nor was a hack successful in this incident. As NDIT says, “This incident was not the result of a compromise within the ND.GOV environment. A non-state email account experienced a business email compromise (BEC), and a malicious message attempted to spread to additional contacts, including the external account group.
The message was successfully detected and blocked by the state’s email security protections and placed into quarantine. However, due to an automated notification process, a quarantine notification was sent to the external account group.
We have since implemented additional configuration changes to prevent similar notifications from being distributed in this manner going forward. The security protections functioned as intended and prevented the malicious message from reaching users’ inboxes.”
This latest hack attempt, plus two major cyber incidents in North Dakota this year, are renewing warnings from state technology leaders that online safety has to become a daily habit for everyone.
In Minot, a ransomware attack hit a computer server at the city’s water treatment plant. The affected server was unplugged, and staff used manual procedures for about 16 hours. City officials said the water supply remained safe and the city stayed operational.
In Dickinson, school officials said criminals used an email scheme to impersonate a trusted vendor and redirect payments, defrauding the district of more than $4.92 million from its Building Fund.
The district said it immediately notified financial institutions and law enforcement, and the FBI was able to help recover the funds.
State cybersecurity officials said the two cases highlight different threats, one targeting critical infrastructure and the other aiming for money, but they share the same bottom line.
“Anybody that’s on the internet really is a sitting target,” said Josh Kadrmas, governance, risk and compliance senior manager with North Dakota Information Technology. “So if you have a digital presence, digital identity, unfortunately, you’re a potential target, and then you have the typical drive-by type of incidents with regular phishing emails.”
North Dakota Information Technology is urging residents, businesses and public entities to follow its Stay Cyber SMART guidance, a list of steps officials say can stop many common attacks before they start.
“Cybersecurity needs to be part of an everyday journey. It’s a shared responsibility,” Kadrmas said.
SMART stands for setting strong, unique passwords, making multifactor authentication a habit, avoiding risky links, attachments and senders, regularly updating software and devices, and taking care with personal information shared online.
Kadrmas said cybercriminals often cast a wide net.
“Cyber attackers mostly do not discriminate,” he said. “It’s just a drive-by. I’m going to send out these phishing emails. If I get one or two people that fall for it, great.”
Kadrmas said global events can heighten cyber risks and that North Dakota is not immune, noting the state’s two military bases and the potential for increased activity when geopolitical tensions rise.
Officials said anyone who believes they have been targeted should document what they are seeing, contact local law enforcement and report the incident to the FBI’s Internet Crime Complaint Center here.
Kadrmas added that prevention remains the best protection, including enabling multifactor authentication, keeping devices updated and verifying messages before clicking links or sending money.
Copyright 2026 KFYR. All rights reserved.
Click Here For The Original Source.
