Things to Know About the Oregon DMV Data Breach

June 22, 2023

If you have an Oregon Driver’s License or ID card you are probably the latest victim in the MoveIt Cyber data breach by a Russian Malware Cyber Gang.

On June 19th, the Oregon DOT announced that over 90% or 3.5 million Oregon residents may have had their personal information stolen in the latest MoveIt cyber data breach. MoveIt is a cyber security firm used by many government agencies and companies worldwide. While the Oregon DOT says they are not sure exactly what was stolen or what the gang wants with the information but believes ID pictures, addresses, phone numbers, driver’s license numbers, birthdates, and the last four of the social security number were all transferred illegally by a Russian malware cyber gang.

“I think for security purposes, we’re not going to discuss exactly what data points were potentially included in that file,” said Amato. “What we’re saying is if you have an Oregon driver’s license ID permit driver’s permit, you can assume that the data associated with that credential has been compromised.”

Michelle Godfrey, agency spokesperson said state officials “became aware” on June 1st that the agency’s system had been hacked. Two hours later, the systems were “locked down,” she said. They waited to announce to the public until the 16th of June.

Chief Information Officer Thomas Amato said the agency delayed informing the public, out of security concerns and because “we have been trying to put in place things to prepare Oregonians for this announcement. The announcement came as a shock to many Oregonians, while left wondering what to do next to protect their information.

Most corporations offer credit monitoring when they are victim of a security breach. It is common practice. But right now, the State of Oregon DOT says they suggest each person request free credit reports and watch their own credit to make sure no one can use your stolen information.

If you're concerned about protecting yourself against identity fraud due to the Oregon DMV data breach, there are several steps you can take to enhance your security and minimize the risk of identity theft or other related issues. Here are some suggestions:

  1. Monitor your accounts: Regularly review your bank statements, credit card statements, and any other financial accounts for any unauthorized transactions. Report any suspicious activity immediately to your financial institution.
  2. Change passwords: Update your passwords for all your online accounts, especially if you have used the same password for multiple services. Use strong, unique passwords that include a combination of letters, numbers, and special characters.
  3. Enable two-factor authentication (2FA): Activate 2FA wherever possible. This adds an extra layer of security by requiring a second verification step, usually through a text message, email, or authentication app, in addition to your password.
  4. Be cautious of phishing attempts: Be vigilant about unsolicited emails, messages, or phone calls that ask for personal information. Avoid clicking on suspicious links or downloading attachments from unknown sources.
  5. Monitor your credit reports: Request a free credit report from each of the major credit reporting agencies (Equifax, Experian, and TransUnion) and review them regularly. Look for any unauthorized accounts or inquiries and report them immediately.
  6. Consider a credit freeze or fraud alert: If you believe your personal information has been compromised, you can place a credit freeze or fraud alert on your credit file. A credit freeze restricts access to your credit report, making it harder for identity thieves to open accounts in your name. A fraud alert adds a layer of protection by requiring creditors to verify your identity before opening new accounts.
  7. Use identity theft protection services: Consider subscribing to an identity theft protection service that can help monitor your personal information, provide credit monitoring, and assist in the event of identity theft.
  8. Stay updated on news and notifications: Keep an eye on news updates regarding the Oregon DMV data breach. The DMV or other relevant authorities may provide information on the breach, potential risks, and steps you can take to protect yourself.
  9. Educate yourself about scams: Stay informed about common frauds and techniques used by cybercriminals to trick individuals into revealing personal information. Awareness can help you avoid falling victim to such scams.
  10. Report any suspicious activity: If you notice any signs of identity theft or believe your information is being misused, report it to the Oregon DMV, your local law enforcement agency, and the Federal Trade Commission (FTC) through their official reporting channels.

Remember, prevention and vigilance are key to protecting yourself against data breaches. Regularly monitoring your accounts and taking proactive steps to secure your personal information can significantly reduce the impact of a potential breach.