The Oregon Employment Department (OED) is notifying more than 850,000 individuals that their personal information – including Social Security numbers – may have been compromised during an intrusion into the agency’s website.
How many victims? 851,322.
What type of personal information? Social Security numbers, addresses, birth dates and other information typically found on job applications.
What happened? The OED received an anonymous tip regarding a vulnerability in the WorkSource Oregon Management Information System (WOMIS) and identified an intrusion in the agency’s website.
What was the response? After validating the information in the anonymous tip, OED shut down WOMIS. Steps were taken to correct the vulnerability and personal information was secured. WOMIS was brought back online with added security. All impacted individuals are being notified.
Details: OED responded to the anonymous tip on Oct. 6 and the system was brought back online that afternoon. The incident impacts people who registered with WorkSource Oregon to look for a job.
Quote: “We do not know if criminal activity has taken place,” according to the notification posted to the Oregon.gov website, which goes on to add, “OED has engaged with law enforcement to determine whether criminal activity has occurred.”
Source: oregon.gov, “OED Addresses Security Vulnerability,” Oct. 10, 2014; statesmanjournal.com, Statesman Journal, “850,000 records hacked at Oregon Employment Department,” Oct. 14, 2014.