Hackers steal info from Construction Contractors Board database
Oregon's Construction Contractors Board said a security breach last year compromised information in the online accounts of more than 8,000 contractors registered with the agency.
The breach affecting about 8,013 contractors occurred between Oct. 27 and Oct. 29, 2018. Most of the information in the accounts was limited to names, physical and email addresses and passwords. However, 466 of the accounts contained private data in the form of state-issued driver's license and identification card numbers.
The agency has no indication that the private information has been misused, Leslie Culpepper, the CCB's communications and education manager, said.
The breach was discovered in early April during a routine security audit. The agency said it has since taken steps to close the open route and beef up security to protect passwords.
The agency on Friday, May 17, sent contractors affected by the breach emails containing a link to reset their passwords, Culpepper said.
Contrators also have been sent letters with information about how to access identity theft protection and fully managed identification theft recovery services. The CCB will offer those services free for a year, according to the Culpepper.
This isn't the first time the agency's system has been hacked. A security breach in 2016 affected a "small number" of registered users, Culpepper said.