by Matthew Holloway | Nov 18, 2025 | News
By Matthew Holloway |
The Arizona Department of Homeland Security (AZDHS) has joined a lawsuit brought by 12 states that challenges the terms set by the Trump administration and FEMA for two federal grants that impact the prevention and response to terrorist attacks, securing the southern border, and bolstering emergency management capabilities.
The lawsuit, filed on November 4th was touted by Democrat Attorney General Kris Mayes as “the 30th lawsuit the Attorney General of Arizona has joined to stop the Trump administration’s federal overreach.” It argues that the grant terms in the Emergency Management Performance Grant (EMPG) and Homeland Security Grant Program (HSPG) depart from past practices, essentially making it more difficult for state, local, and Tribal partners to obtain and use the federal grant funds.
Mayes complained at the time, “The Trump administration is trying to claw back money we use to protect the border, including for protective equipment and vehicles for law enforcement on the ground, and to support emergency preparedness and terrorism response preparation. They are also trying to withhold 50% of the funds we use to respond to emergencies in Arizona.”
“Local, state, and Tribal public safety agencies rely on funding from the Homeland Security Grant Program to effectively protect Arizonans from vulnerabilities bad actors may wish to exploit,” AZDHS Director, Dr. Kim O’Connor said in a statement. “This funding is absolutely essential in keeping our citizens and communities safe.”
The lawsuit points to two of the imposed terms as “at issue”:
- “A hold on EMPG funding until the State provides FEMA with ‘a certification of the recipient state’s population as of September 30, 2025,’ including an explanation of ‘the methodology it used to determine its population and certify that its reported population does not include individuals that have been removed from the State pursuant to the immigration laws of the United States.’”
- “A reduction of the period of performance, i.e., the period in which grant recipients must complete all activities to be reimbursed, from three years to one year.”
The state attorney’s general argue that the accurate determination of a state’s population of lawful inhabitants “exceeds” the federal government’s “statutory authority, as no statute permits Defendants to impose such a hold,” “is contrary to law because 13 U.S.C. § 183 requires federal agencies to use U.S. Census Bureau data to allocate federal grant funding,” and “is arbitrary and capricious in violation of the Administrative Procedure Act (“APA”) because it is unexplained, does not reflect reasoned decision making, and ignores the States’ reliance interests on receipt of the EMPG funds unimpeded.” Finally, they argue that the action was issued without following procedural requirements.
Reasoning for these requirements is, however, provided in the FY 2025 DHS Standard Terms and Conditions, which states “compliance with this term is material to the Government’s decision to make or continue with this award and that the Department of Homeland Security may terminate this grant, or take any other allowable enforcement action.”
Mayes also appears aware of another facet of the administration’s reasoning, as stated in her November 4th statement: “the Trump administration has attempted to reduce FEMA’s role and shift the burden of emergency management to the States.”
President Trump noted during a June announcement in the Oval Office that his administration “want(s) to wean off of FEMA and we want to bring it down to the state level.” He added that states should be equipped to handle disasters directly, noting that he wants to “give out less money,” and to “give it out directly,” according to the Associated Press. He further placed the onus for disaster response onto state governors saying, “The governor should be able to handle it and frankly if they can’t handle the aftermath, then maybe they shouldn’t be governor.”
Matthew Holloway is a senior reporter for AZ Free News. Follow him on X for his latest stories, or email tips to Matthew@azfreenews.com.
by Matthew Holloway | Jul 23, 2025 | News
By Matthew Holloway |
Arizona Representative Nick Kupper (R-LD25) has stepped up to the ongoing controversy surrounding the hacking of the Arizona Secretary of State’s website. The lawmaker has requested a formal briefing from Secretary of State Adrian Fontes to account for the attempted breach of security to all members in the legislature, not merely the “select members” already discussing the matter.
The incident was reportedly carried out by Iranian hackers, according to the Secretary of State’s Office, who replaced images of the candidates on the website with images of the late Ayatollah Ruhollah Khomeini.
In a letter to Fontes, Kupper wrote in part: “While I understand your office has communicated with select members of the Legislature regarding this issue, I believe that all lawmakers should be afforded the opportunity to receive a comprehensive briefing on the nature of the attempted breach, any data or system vulnerabilities identified, and the steps you have taken to ensure the integrity and security of our electoral infrastructure.”
Kupper referenced reported failures in the AZSOS candidate portal noted by Turning Point Action’s Tyler Bowyer last week, writing, “Since the incident, the candidate portal has experienced noticeable slowdowns, which have affected accessibility and overall functionality.”
In a statement released alongside the letter to Fontes, Kupper noted, “Arizona’s election systems should never be this easy a target for foreign adversaries. This wasn’t a prank — it was a politically motivated act of cyberwarfare, and we deserve answers. Every legislator has a responsibility to understand what happened and what’s being done to keep it from happening again.”
Kupper has called for “a comprehensive briefing on the breach, including how it occurred, what systems or data may have been accessed, and what steps are being taken to prevent future incidents.”
The Arizona Representative even offered to arrange the logistics of “a full in-person briefing that will be open to all Arizona House Members and State Senators,” with the reservation of a conference room in the Arizona House of Representatives. He added that the briefing should occur in the next two weeks.
Reporting from KJZZ revealed that the images uploaded by the hackers were also linked to social media accounts, including a Telegram account which wrote, “We were not looking for war or adventure. However, President Trump’s flagrant violation of the agreement, through his aggressive attack on the nuclear and civilian infrastructure of the great nation of Iran, has forced us to face a difficult and regrettable confrontation. Now the American people share in the consequences of his risky decision. Our erosion revenge has begun.”
The attacks persisted for approximately a week, according to Arizona Department of Homeland Security Spokesman Aaron Thacker: “What this incident has done is it’s created — it’s not just an attack on the Secretary of State’s Office. It’s also an attack on government as a whole. We are not the only agencies that are being attacked.”
Thacker added, “When it comes to our overall collective security, this isn’t really something we should be playing politics with, and there have been a few folks that are being unnecessarily critical.”
Matthew Holloway is a senior reporter for AZ Free News. Follow him on X for his latest stories, or email tips to Matthew@azfreenews.com.
by Matthew Holloway | Jul 6, 2025 | News
By Matthew Holloway |
Arizona State Representative and U.S. Army Command Sergeant Major (ret.) John Gillette (R-LD30) offered a public rebuke of Attorney General Kris Mayes in a July 2nd post to X. Gillette offered a stern correction to Mayes after the Democrat AG announced a lawsuit against the federal government and accused the Trump administration of “violating privacy protections with its decision to share Medicaid data with DHS, which houses ICE.” Mayes claimed the administrative data sharing is an “illegal transfer of Arizonans’ private, personally identifiable health data.”
In a statement announcing the lawsuit, Mayes’ office wrote, “Arizonans accessing Medicaid services do so with the assurance that their data would be confidential. While administering AHCCCS and other healthcare programs, Arizona has relied on the federal government’s assurances that it will follow the law and protect confidentiality. It appears the federal government has broken their promise.”
In his post to X Gillette wrote, “Administrative data sharing with DHS, DOJ, HHS is lawful. The state agreed to the terms when they took the matching funds. 42 CFR 431 privacy act, every service member knows this is only protected from non govt use.” According to 42 CFR §431.300 the law “requires agencies to exchange information to verify the income and eligibility of applicants and beneficiaries.” It further defines under § 431.302 that “Purposes directly related to plan administration include—
(a) Establishing eligibility;
(b) Determining the amount of medical assistance;
(c) Providing services for beneficiaries; and
(d) Conducting or assisting an investigation, prosecution, or civil or criminal proceeding related to the administration of the plan.”
Under these terms, the sharing of information between the State of Arizona and the Department of Homeland Security, Department of Justice, and Health and Human Services aren’t merely lawful, but are mandatory. Any extrajudicial attempts to disrupt this information sharing by Arizona would likely be grounds for the Federal government to similarly take legal action against Arizona at the taxpayers’ expense.
Strict limitations are also placed on the federal agencies requiring that they safeguard the information shared regarding program participants, provide “conditions for release and use of information about applicants and beneficiaries,” and restrict access to the information “to persons or agency representatives who are subject to standards of confidentiality that are comparable to those of the agency.”
Matthew Holloway is a senior reporter for AZ Free News. Follow him on X for his latest stories, or email tips to Matthew@azfreenews.com.
by Terri Jo Neff | Dec 4, 2021 | Economy, News
By Terri Jo Neff |
According to cybersecurity experts, anyone with a computer connected to the internet is at risk of a ransomware attack which involves a malware designed to encrypt files on a victim’s device, rendering the files and ultimately the systems which rely on them unusable.
The criminal or criminals who placed the malware via an email attachment or a download which appeared to be safe then exhorts the victim by demanding ransom in exchange for a decryption key or file to “recover” the system.
Most people think of homeland security in terms of enhancing border security and preventing terroristic attacks in Arizona. But cybersecurity is a critical element in protecting Arizona’s infrastructure as well as economic security, according to Ryan Murray, deputy director of Arizona Department of Homeland Security (AZDOHS).
And at the same time that major companies and large government entities are strengthening their IT protocols, cyber criminals are focusing on smaller businesses, local non-profits, and public bodies such as school districts and fire departments, all of which generally don’t have a dedicated IT specialist, or a good understanding of the threat posed by a ransomware attack.
Such targets are easy pickings, Murray told AZ Free News. Adding to the problem is that many cyber attackers are no longer interested in simply holding a company’s IT system hostage until a ransom it paid. They are now incorporating data theft to the attack, Murray said.
Which is what happened in May when a ransomware attack hit Desert Wells Family Medicine in Queen Creek and led to the shutdown of the company’s IT system and left thousands of patients’ health records corrupted after the files were stolen.
In the end, Desert Wells had to manually “rebuild” its 35,000 patient records through other venues such as pharmacies, hospitals, and laboratories because none of its records were recoverable prior to May 21, the date of the hack.
With the scourge of ransomware attacks hard to stop -80 to 90 percent of cyberattacks originate overseas, says Murray- it is imperative for all companies, non-profits, and government entities large and small to understand how to reduce their vulnerabilities. And know what to do when an attack hits.
Which is why Murray’s team is developing a soon-to-be-launched website that provide a wealth of information on protecting against, responding to, and surviving a ransomware attack. The agency will also provide guidance on how to conduct an assessment of the vulnerabilities and strengths of a company’s website, email system, and workstations.
There will also be a speakers’ bureau to provide outreach across the state, says Murray.
And if a ransomware attack or data breach is suspected, local law enforcement officers can contact cyber security specialists as AZDOHS’s new Cyber Command Center which teams with various local, state, and federal agencies. In fact, many police department and sheriff’s offices in Arizona have a designated Threat Liaison Officer, or TLO, who has undergone training in how to respond to a reported cybercrime.
For now, information about what a ransomware attack involves, how to identify an attack, and what to do if victimized by such an attack can be found at www.stopransomware.gov
The combination of ransom demand and data theft which hit Desert Wells Family Medicine was reported to patients as well as the U.S. Department of Health and Human Services three months after it started. A wide range of information was accessed in the attack, including social security numbers, birthdates, names and addresses, and billing account numbers.
Patient medical account numbers as well as diagnostic and treatment information were also hacked, the notice said. The medical clinic had its patient information backed up, but the hacker also corrupted that data.
Private businesses are not required to report whether any money was paid directly or indirectly in response to a ransomware attack. How the unknown hacker or hackers got into the medical center’s system -and its backup data- has not been publicly disclosed.
In the past, companies could turn to their insurers for “cyber coverage” to reimburse the costs associated with ransomware attacks. Some insurers even paid the ransoms in order to recover a client’s system, finding it the cheaper option.
But with the number of such attacks increasing in frequency and cost, it is becoming more expensive for businesses and governments to afford such coverage, if they can even get it. For those lucky enough to have cyber coverage, they will likely see premiums doubled in 2022 with policy limits significantly scaled back.
Page 1 of 11
