Consumer Alert: Cyber-Attacker Targeting Businesses and Organizations Using Onsite Microsoft Exchange Servers

FRANKFORT, Ky. (March 12, 2021) – Attorney General Daniel Cameron today issued a consumer alert for organizations and businesses using onsite Microsoft Exchange Servers. Currently, a nation-state attacker, called "Hafnium," is exploiting organizations who use this system to gain access to sensitive information and data. Cyber-attackers who successfully gain access to this information may encrypt it for ransom, execute a destructive attack, or sell it on the dark web.  

“Businesses throughout the Commonwealth have already faced incredible challenges arising from the COVID-19 pandemic, and we’re issuing this consumer alert to help them be on guard from potential cyber-attacks and to protect their confidential data,” said Attorney General Cameron. 

If your business or organization uses an onsite Microsoft Exchange Server, the U.S. Cyber Security and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), encourage you to take the following steps to protect your network. 

Taking action quickly is key to protecting your network from these vulnerabilities.

The Attorney General’s Offices of Consumer Protection and Senior Protection work to protect Kentuckians from fraud, scams, and identity theft.  To learn more, visit  To sign up for future consumer alerts, click here