The state of California’s official elections and business registration websites appear to have been compromised by pornography and cash app peddlers.
Google users searching for information related to the sites, both of which are overseen by the California secretary of state, were directed to PDFs with links and titles that include “My friends hot mom” and “Japanese Sex Video Porn Videos sexy.”
Those links, which appear connected to the state government website, were interspersed with legitimate web address for the business services and other information provided by the secretary of state.
The links, once opened, direct users to porn sites.
A representative for the secretary of state’s office didn’t immediately respond to a request for comment. The state agency oversees elections and business filings.
Multiple government sites across the country reported similar attacks in the last several weeks.
The website for the state’s Mojave Desert Air Quality Management District last month hosted documents detailing how to use AI technology to generate nude images, KBAK-TV reported. A representative for the air quality district told the television station the issue was related to their web-hosting partner, Granicus.
Another news outlet reported that the website for the Kansas attorney general’s office was targeted with links promoting AI-generated nude photos. The issue involved a third-party platform, KWCH-TV reported.
Granicus told the news station that it is “aware of reports regarding illicit content being uploaded through government websites. Among the government agencies mentioned in these reports, a small subset are Granicus customers.”
Brian Penny, a freelance journalist and AI researcher in Tuscon, alerted The Times to the secretary of state links. He said he first discovered an AI sex ad linked to the Nevada Department of Transportation last month.
Since then, he has tracked 38 government agencies in 18 states and three countries that have been targeted by porn, video game, crypto currency and other advertisers.
He said he is reporting the links to many of the government entities.
One concern, he said, would be if a government employee clicks on a malicious link and bad actors are then able to find out personal information about citizens or to email from a government account and send citizens traffic bills, for instance.
“This is a huge thing,” Penny said. “All of our city and county governments need to be focused on cybersecurity right now. If the government’s not safe, how safe are you?”