Sunday, August 28, 2016

No! Not Fishing Licenses!

The latest government data breach came from (wait for it…) fishing licenses
While it’s painful to admit, incidents of data hacking which expose personal data entrusted to the government are so common these days as to barely merit a headline. There’s been yet another breach this year and it’s not one which is likely to make a big splash in the media unless you happen to be an avid fisherman. In three northwestern states, the issuing of new fishing licenses had to be suspended recently because hackers attempted to access the database of information on anglers. How much – if any – data they obtained is not yet known, but there’s enough information in those files to have consumers worried. (AT&T Live News)
A breach in a vendor’s system that processes online sales of hunting and fishing licenses in Idaho, Oregon and Washington state exposed several million records containing buyers’ personal information, officials said Friday.
The U.S. Department of Homeland Security and FBI are investigating the hack into Dallas-based Active Network, the Washington State Office of Cyber Security said in a statement. Washington halted all sales earlier this week, allowing anglers to fish license-free, while Idaho and Oregon have stopped only online sales…
Active Network, whose event and activity management software is used by tens of thousands of event organizers nationwide, including marathons and other races, said the potential threat was isolated to fishing and hunting licensing systems in the three states.
The data which was potentially exposed might not be as serious for consumers as a credit card or tax database being breached, but it was nothing to sneeze at either. The system included the names, addresses, driver’s license numbers, dates of birth and the last four digits of Social Security numbers of license holders. For any clever identity thieves, that’s a very solid starting point (particularly when combined with other discoveries) to build up a profile and hack into somebody’s accounts. When you consider the inclusion of home addresses tied to real names it’s also a treasure trove for stalkers.
It's not my home state (yet), so I'm not in danger, as far as I know. However, I assume the only reason anyone's "personal data" have not been hacked is that no one is trying. Our's was certainly hacked in the gigantic OPM hack where the federal government was "extremely careless" with the personal data of millions of government workers, or, as in our case, people who had a peripheral relationship with the government.

No comments:

Post a Comment