Engagement platform iConstituent LLC, used by senators, congresspeople, state and local officials to automate and streamline communication with their constituents, has been struck by a ransomware attack.

The exact form of ransomware and how many users were impacted has not yet been disclosed. The House of Representatives’ chief administrative office confirmed the ransomware attack but did not provide details.

“At this time, the CAO is not aware of any impact to House data,” the CAO office said in a statement reported by Cyberscoop. “The CAO is coordinating with the impacted offices supported by iConstituent and has taken measures to ensure that the attack does not affect the House network and offices’ data.”

According to some unconfirmed reports, the ransomware attack has left almost 60 house offices unable to access constituent data. States such as New York, Georgia, and cities including Los Angeles were also said to be affected.

Founded in 2001, iConstituent pitches itself as an engagement platform for elected representatives. Notable clients include the states of Illinois, Hawaii, Georgia and New York along with the cities of East Palo Alto and Los Angeles. Services include email bundling, automated messaging and real-time dashboards that are said to make sure communication requests to politicians are handled in an efficient and timely manner.

The ransomware attack on a service provider to the U.S. government comes on the heels of high-profile ransomware attacks, including Colonial Pipeline Co. and JBS S.A. Potentially encouraging further ransomware attacks, both Colonial and JBS paid the ransom demanded.

“Ransomware attacks on government infrastructure are becoming prevalent,” Gary Ogasawara, chief technology officer at enterprise data storage firm Cloudian Inc., told SiliconANGLE. “For government agencies, not only must data be protected and kept out of the hands of threat actors, but keeping networks up and running is crucial.”

Ransomware-proof data protection at the storage level can help, Ogasawara added. “Enterprises can achieve this by keeping an immutable copy of backup data to prevent cybercriminals from encrypting or deleting files,” he said. “This means hackers won’t be able to access sensitive information, and organizations can operate confidently in the face of this heightened security threat.”

Image: iConstituent