I doubt it was "sophisticated." Their employer portal site is vulnerable to POODLE and a bunch of other issues, according to SSLLabs. Also they seem to be using mixed unencrypted and HTTPS content on their state login sites.