Personal information for nearly 3.5 million Oregonians could be vulnerable to a June 1st international “MOVEit” data breach. LWVOR supports increased cybersecurity awareness, by educating individual consumers and advocating in the state Legislature.
Here’s what happened
A cyber attack exploited vulnerable software Oregon Department of Transportation (ODOT) uses from a private vendor. ODOT uses “MOVEit” to securely transfer files and internal data. The vulnerability enabled hackers’ access to entire systems. Hundreds of government agencies and private companies that use this software have been affected by this global breach.
According to ODOT, we should assume active Oregon driver's license drivers’ permit, and ID card information is part of this breach.
ODOT imposed additional security measures to safeguard their systems when they learned of the MOVEit vulnerability. But defenses were breached for a significant amount of Oregon DMV data, from millions of Oregonians. While much of this information is available publicly, some of it is sensitive personal information. According to ODOT, we should assume active Oregon driver's license, driver’s permit, and ID card information is part of this breach.
Make sure your personal information is not misused.
Check your Credit Report(s). ODOT urges Oregonians to monitor their credit reports. Under federal law, you have the right to a free credit report every 12 months from each of the three consumer credit reporting companies. You have to ask for them at www.annualcreditreport.com or call: 1-877-322-8228.
Check report entries. Recognize the transactions or accounts? See who got your credit history. If you see anything you don’t understand, call the phone number on the credit report or visit the Federal Trade Commission’s Recovering From Identity Theft.
If necessary, ask each credit monitoring agency to freeze your credit files:
Start with Ask ODOT, for information, services or resolving ODOT issues.