If you’ve been following the WikiLeaks saga, one lesson to come from it is the ease by which so-called hactivists—who want to punish Visa, Mastercard, Amazon, and PayPal for cutting off donations to the website—can assemble their forces to create computer problems (via Wired). Now, a state audit finds that Colorado’s computer systems are at “high risk” for an online attack after a security firm discovered vulnerabilities during a recent test, gaining access to thousands of documents containing residents’ personal information, such as Social Security numbers, dates of birth, and income levels. The audit also identifies that 12 of 20 state agencies failed to submit plans outlining computer security measures to the state’s Cyber Security office, as required by law, according to The Denver Post.

The audit, completed for the state’s Legislative Audit Committee, additionally points out that while there have been 43 reported cyber-security breaches since 2006, the number is probably higher. Dara Hessee, the chief of staff for Governor Bill Ritter’s Office of Information Technology, says state officials have taken steps toward fixing the vulnerabilities revealed in the audit and are also working on longer-term issues. She adds, however, that money is needed: State officials estimate that it could take $40 million to implement the best cyber-security plan, but the office has a budget of just $400,000.