Food Aid in the Crosshairs: Cyberattack Disrupts Georgia SNAP Access

Hackers Exploited IVR System at Georgia’s SNAP Contractor, Threatening Sensitive EBT Account Data for Thousands of Vulnerable Families

ATLANTA, GEORGIA — In a chilling reminder of the fragility of digital infrastructure supporting essential public services, Georgia’s Supplemental Nutrition Assistance Program (SNAP) call center fell victim to a cyberattack on June 28, potentially compromising access to benefit data for thousands of low-income households.

The breach, confirmed by the Georgia Department of Human Services (DHS), targeted the state’s third-party contractor Conduent, which manages the interactive voice response (IVR) system used by beneficiaries to check their electronic benefit transfer (EBT) account balances and transaction history.

According to DHS, “malicious bots attempted to overwhelm and exploit the IVR interface,” a system that millions rely on monthly to access critical food assistance. While DHS maintains that no personal data was confirmed to be stolen, security experts warn that this type of cyberattack — aimed at account manipulation or data scraping — could open the door to broader fraud and social engineering attacks.

“This was not just a denial-of-service attempt. It was a strategic strike to probe and possibly exfiltrate sensitive data from one of the most essential human services platforms,” said Jason Kent, a cybersecurity analyst at Cequence Security. “Attacks like these are escalating across the U.S., especially in underfunded government tech infrastructures.”

Human Impact

The breach couldn’t come at a worse time. Families across Georgia — many already battling food insecurity and inflation — were left shaken by the prospect of losing access to life-sustaining benefits. For single mother Marsha Daniels, the attack meant hours of uncertainty.

“I called to check if my July benefits came in, but the line kept glitching,” Daniels told MAG212NEWS. “I rely on that money to feed my kids. It was terrifying to think someone could be messing with it.”

Nationally, EBT fraud has exploded. In 2023 alone, over $1 billion in SNAP benefits were reported stolen or fraudulently accessed, with attackers increasingly using cloned cards, phishing, and now automated call system attacks.

Broader Cybersecurity Implications

This incident puts a spotlight on the growing cybersecurity gap in public welfare systems, many of which still operate on outdated technologies outsourced to private vendors. Conduent, one of the largest state contractors for EBT services, provides services to several other states — raising alarms about potential vulnerabilities beyond Georgia.

DHS has since collaborated with cybersecurity experts to contain the incident and implement enhanced monitoring. A spokesperson confirmed the following steps are underway:

• Rate-limiting traffic to the IVR system
• Deploying anomaly detection tools
• Temporarily rerouting high-risk calls through secure channels

The U.S. Department of Agriculture (USDA), which funds SNAP, has also been notified and is reportedly reviewing federal security standards for all third-party EBT service providers.

Expert Warnings and Call for Action

Cybersecurity experts caution that unless proactive investments are made, critical assistance programs could remain low-hanging fruit for attackers.

“This should be a wake-up call. Welfare infrastructure is as vital as defense systems, especially when children’s food security is on the line,” said Eva Galperin, Director of Cybersecurity at the Electronic Frontier Foundation (EFF).

As states shift more services online, the intersection of technology, privacy, and social safety nets demands urgent attention. Failing to secure them risks undermining public trust in essential government programs.