The first signs of a possible cyber breach were detected on May 2 by a “security monitoring firm” that reported its findings to the State Security Office, which in turn notified the Alaska Department of Health and Social Services (DHSS) on May 5.
FireEye’s Mandiant was brought in to help investigate the incident. The investigation revealed on May 17 that a server related to the DHSS website had been breached. The incident was immediately disclosed to the public and updates were provided in June and August. However, not much information could be made public due to the ongoing investigation.