The Department of Financial Regulation (DFR) has accelerated a long-planned migration to a new website. The department's legacy website was proactively taken offline as a precautionary measure on January 29, 2019 as a result of an identified security vulnerability and has remained offline as the Agency of Digital Services (ADS) completes a full risk assessment.
After a thorough review by ADS and DFR, the department has confirmed that no confidential or personally identifiable information was placed at risk. The data and content on the legacy website was directly related to the administrative management of the website itself and information open for public inspection. No consumer or industry partner confidential or proprietary information was available, and none was hosted on the website server.
No other servers at DFR were included in the scope of this vulnerability and investigation. The legacy website server was hosted by a third party that hosted no other DFR data.
The new website was developed using the state's website content management system and will be hosted on state-managed servers. DFR's new website will go live today, Monday, February 4, 2019.
Launching the new website will enhance the department's online presence to provide consumer support and to regulate industry partners, while also helping protect the website and department from additional online security risks.
Media Contact: Stephanie Brackin, Information Management Officer, 802-828-4872, firstname.lastname@example.org