A pandemic-related cyberattack on the U.S. Health and Human Services Department may have been the work of a foreign state, as Bloomberg reports. The attack on the HHS computer system was thought to be part of a disinformation campaign intended to weaken efforts to contain the disease.

The National Security Council tweeted a warning about “fake” text messages related to the virus. The messages, which were also disseminated via social media and email, spread falsehoods about quarantines and were reportedly connected to the HHS attack. Authorities said the hack didn’t appear to have stolen any data from HHS’ systems.

Meanwhile, a rise in remote work has handed hackers a new target, as The Hill reports. The Department of Homeland’s cyber agency issued a warning on March 14 about data-breach vulnerabilities related to working from home. The Cybersecurity and Infrastructure Security Agency (CISA) highlighted the possibility of hacks on virtual private networks. While VPNs may ease remote work, enabling workers to access their institution’s files, they also present a ripe target for cyber crooks, according to CISA.

“As organizations use VPNs for telework, more vulnerabilities are being found and targeted by malicious cyber actors,” the agency wrote. “Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and security configurations.”

CISA also reiterated the risk of coronavirus-related email attacks, noting that “malicious cyber actors may increase phishing emails targeting teleworkers to steal their usernames and passwords.”

Elsewhere, warnings about hackers exploiting the COVID-19 crisis continued to reverberate, as MarketWatch reports. Malicious actors are 50% more likely to be behind coronavirus-focused domain registrations, according to a study by Check Point Software Technologies. And John Hopkins University has suffered a cyber attack on its widely used COVID-19 tracking map.