Oregon Contractors Construction Board hit with security breach impacting contractor accounts

• Unauthorized individuals gained illegal access to the agency’s databases between October 27 and October 29, 2018, which impacted nearly 8013 online contractor accounts.
• Out of the 8013 contractor accounts, 466 accounts contained personal information including names, email addresses, address, and password hashes, as well as ID numbers such as state ID or driver license.

The Oregon Contractors Construction Board suffered a security breach impacting almost 8013 online contractor accounts.

What is the issue?

CCB discovered on April 12, 2019, during a routine audit conducted by the Enterprise Security Office that unauthorized individuals gained illegal access to the agency’s databases between October 27 and October 29, 2018.

What was compromised?

Out of the 8013 contractor accounts, 466 accounts contained personal information including names, email addresses, address, and password hashes, as well as ID numbers such as state ID or driver license.

What is being done?

• Upon discovery, CCB took immediate measures to determine the scope of the incident.
• It also worked to stop unauthorized access to contractor accounts.
• The agency has enhanced its password protection security and is requesting contractors to reset their passwords.
• It is further providing 1-year free identity theft protection and fully managed ID theft recovery services to all impacted account holders.