Oregon DHS Notifies 645,000 People of Data Breach That Occurred in January 2019

• This number is significantly higher than the agency’s initial estimate in March which had indicated to be over 350,000.
• Initial investigations had confirmed that no malware was installed on department computers and no other email accounts were compromised.

The Oregon Department of Human Services has lately disclosed that it is notifying about 645,000 people about a data breach that occurred in January 2019. This number is significantly higher than the agency’s initial estimate in March which had indicated to be over 350,000.

How did the incident occur?

In its initial breach notification report, the DHS had revealed that the data breach occurred after a phishing email was sent to DHS employees on January 8. Nine employees had opened the email and clicked on the included link, which gave the hackers access to their email accounts. Upon discovery, access to these email accounts was stopped on January 28.

Initial investigations had confirmed that no malware was installed on department computers and no other email accounts were compromised.

Type of data compromised

The breached information potentially included first & last names, addresses, birth dates, Social Security numbers, case numbers, personal health information and other sensitive data of individuals. The initial review indicated that up to 2 million emails might have been affected in the breach.

Containing the breach

After discovering the breach, the department had hired a team of security experts and law enforcement agencies to investigate the matter. However, the department made the announcement of the breach even before the investigation was complete.

It was earlier this week that the department had finished investigating the matter.

What is being done?

The DHS is providing 12 months of identity monitoring and recovery services to the affected individuals. In addition, it is also providing a $1 million insurance reimbursement policy to people whose information was accessible. As a precautionary measure, the department has temporarily shut down the email web application.