For several days, the official site of the Kansas Attorney General’s Office hosted links to artificial intelligence deepfake software, financial scams and adult sites.
On Monday morning, the Kansas News Service accessed PDFs containing instructions for accessing the illicit websites. Documents appearing under the “www.ag.ks.gov” domain name included titles like “DeepNude AI,” “Get Free Cash App Money in 2025” and “+@!XXX SEX VIDEO.”
As of Tuesday, the links through the attorney general’s office are inactive but remain visible on Google. A spokesperson for the office declined to answer questions about how the links appeared on the government website or how the issue would be addressed.
Similar links appear on state and local government sites across the country, including Knoxville, Tennessee, the state of Idaho, the Washington Fire Commissioners Association and dozens of others.
The phenomenon was first reported by Brian Penny, a freelance journalist in Arizona. Two weeks ago, Penny said, he came across a link promoting AI software that “undresses” individuals in photos — on the official site of the Nevada Department of Transportation.
“My brain was going into overdrive,” he said. “That's not something I've seen before.”
In the following weeks, Penny said he documented the same issue on official government sites for dozens of states and several foreign countries.
He began reaching out to local government offices and reporters, but each time he was able to flag the issue for one entity, more popped up.
“It's like playing whack a mole,” Penny said.
One of the earliest government agencies to respond to Penny’s warning was the Mojave Desert Air Quality Management District. The district pulled its site down and reached out to Granicus, a Denver-based company that provides cloud-based internet and communications services to the Mojave Desert AQMD and over 7,000 other public sector entities.
Granicus told Martial Haprov, the spokesperson and webmaster for the Mojave Desert AQMD, that it was investigating the issue.
Haprov said harmful content had been uploaded via the agency’s online complaint portal. But he still does not know where the documents came from, how they became publicly accessible or what had motivated the breach.
“It's mind-numbing to try and figure all of this out,” he said in an interview with the Kansas News Service.
What perplexes Haprov most is that the links hosted on government sites do not appear to be phishing expeditions, seeking sensitive information from individuals, or malware. The links are simply instructions on how to access explicit or dangerous content online.
“Generally when you talk about security breaches, most often you're talking about something that is cultivating data from somebody or a group of people,” he said. “In this case, that does not seem to be the issue.”
Granicus told KCWH there had not been a security breach or release of sensitive data. The company said certain public-facing services had been “abused” and automatically indexed on Google.
“Granicus takes this abuse very seriously and has implemented a block on our security platform to ensure that uploaded documents are no longer publicly reachable,” the company said in its statement.
Zane Irwin reports on politics, campaigns and elections for the Kansas News Service. You can email him at zaneirwin@kcur.org.
The Kansas News Service is a collaboration of KCUR, Kansas Public Radio, KMUW and High Plains Public Radio focused on health, the social determinants of health and their connection to public policy.
Kansas News Service stories and photos may be republished by news media at no cost with proper attribution and a link to ksnewsservice.org.
