The Oregon Driver and Motor Vehicle Services confirmed Thursday that an estimated 3.5 million driver’s license and identification card files were compromised when the agency was hacked two weeks ago.
Agency spokesperson Michelle Godfrey said Thursday that the agency realized on Monday — four days ago — that the breach had extended to about 90% of the state’s driver’s license and ID card files.
The Oregonian/OregonLive first made inquiries about the security breach on Wednesday; DMV officials took nearly a day to respond with answers. Godfrey said the agency planned to wait until Friday to go public because officials are still preparing agency employees for how to respond to Oregonians’ questions and concerns about how to protect themselves.
Godfrey advised the public to monitor credit reports for signs of fraudulent activity.
Godfrey said state officials “became aware” on June 1 that the agency’s system had been hacked. Two hours later, the systems were “locked down,” she said.
“But we didn’t have any information about what data may have been affected at that time,” she said. “It’s taken days of analysis” to determine that the hack compromised the state’s driver license and ID records.
“That took it to a whole new level,” she said.
After the news organization’s inquiry, the Department of Transportation issued a press release saying the agency was among “many organizations” affected by the breach as a result of a “global hack of the data transfer software MOVEit Transfer.”
I'd snark about government incompetence, but there's really no evidence that private business do significantly better. It's just that governments tend to have bigger data bases to target.
No comments:
Post a Comment