BELOW SUPERNAV drop zone ⇩

Data breach impacts 90% of Oregon driver’s licenses, state IDs

Here's what to do if your information was compromised

MAIN AREA TOP drop zone ⇩

MAIN AREA TOP drop zone ⇩

maylen

https://digital-stage.newsnationnow.com/

AUTO TEST CUSTOM HTML 20241114185800

AUTO TEST CUSTOM HTML 20241115200405

AUTO TEST CUSTOM HTML 20241118165728

AUTO TEST CUSTOM HTML 20241118184948

PORTLAND, Ore. (KOIN/AP) – The identities of approximately 3.5 million Oregonians are at risk after a data breach of the Oregon Department of Transportation left personal files compromised, the agency said Thursday.

ODOT says the hack, which impacts roughly 90% of the state’s driver’s license and ID card files, was part of a global data breach involving the data software MOVEit Transfer earlier this month.

As first reported by The Oregonian, the agency knew of their connection to the breach on Monday, planned to go public on Friday to prepare employees for incoming questions.

According to the agency, the DMV is not able to identify whether a specific individual’s data had been breached. However, they say all Oregonians with a driver’s license or Oregon ID should assume their information has been compromised. 

The ransomware syndicate behind the hack — Russian cyber-extortion gang Cl0p — announced last week on its dark web site that its victims, who it suggested numbered in the hundreds, had until Wednesday to get in touch to negotiate a ransom or risk having sensitive stolen data dumped online.

ODOT advises those with an Oregon ID or driver’s license to access their credit reports to check for any transactions or accounts you do not recognize.

To do so, you can request a copy of a credit report every 12 months from three consumer credit reporting companies – including Equifax, Experian and TransUnion – at annualcreditreport.com or by telephone at 1-877-322-8228. You can also request to freeze your credit files.

For more information, contact ODOT via email at AskODOT@odot.oregon.gov.

ODOT has used MOVEit Transfer since 2015. The scope of the data breach is still unclear, but the investigation is ongoing. The exploited program is widely used by businesses to securely share files. The parent company of its U.S. maker, Progress Software, alerted customers to the breach on May 31 and issued a patch. But cybersecurity researchers say scores if not hundreds of companies could by then have had sensitive data quietly exfiltrated.

The cybersecurity firm SecurityScorecard says it detected 2,500 vulnerable MOVEit servers across 790 organizations, including 200 government agencies. It said it was not able to break down those agencies by country.

This is far from the first time Cl0p has breached a file-transfer program to gain access to data it could then use to extort companies. Other instances include GoAnywhere servers in early 2023 and Accellion File Transfer Application devices in 2020 and 2021.

The Associated Press emailed Cl0p on Thursday asking what government agencies it had hacked. It did not receive a response, but the gang posted a new message on its dark web leak site saying: “We got a lot of emails about government data, we don’t have it we have completely deleted this information we are only interested in business.”

Cybersecurity experts say the Cl0p criminals are not to be trusted to keep their word. Allan Liska of the firm Recorded Future has said he is aware of at least three cases in which data stolen by ransomware crooks appeared on the dark web six to 10 months after victims paid ransoms.

AP reporters Sara Cline in Baton Rouge, Louisiana, and Nomaan Merchant and Rebecca Santana in Washington contributed to this report.

Cybersecurity

Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed

Site Settings Survey

 

MAIN AREA MIDDLE drop zone ⇩

Trending on NewsNation

AUTO TEST CUSTOM HTML 20241119133138

MAIN AREA BOTTOM drop zone ⇩

tt

KC Chiefs parade shooting: 1 dead, 21 shot including 9 kids | Morning in America

Witness of Chiefs parade shooting describes suspect | Banfield

Kansas City Chiefs parade shooting: Mom of 2 dead, over 20 shot | Banfield

WWE star Ashley Massaro 'threatened' by board to keep quiet about alleged rape: Friend | Banfield

Friend of WWE star: Ashley Massaro 'spent hours' sobbing after alleged rape | Banfield

Sunny

la

61°F Sunny Feels like 61°
Wind
2 mph WSW
Humidity
34%
Sunrise
Sunset

Tonight

Clear to partly cloudy. Low 47F. Winds light and variable.
47°F Clear to partly cloudy. Low 47F. Winds light and variable.
Wind
2 mph NNE
Precip
9%
Sunset
Moon Phase
Waning Gibbous