The breach was discovered Feb. 4 and the state took two databases—the Central Business Registry and the ORESTAR online campaign finance reporting system—offline to detect and stop the intrusion, a press release said. A subsequent investigation into the incident found that credit card information had not been compromised. The websites were restored on Feb. 24.
While vulnerability testing accounts for the largest chunk ($72,450) of the nearly $177,000 tab, $47,000 was used to cover staff overtime. Employees working through a snowstorm racked up $4,500 in food and lodging expenses.