DHS sends thousands notices of email breach
Oregon's Department of Human Services sent notices Tuesday, June 18, to about 645,000 clients whose personal information was compromised in a January data breach.
The agency does not know if the compromised information, which includes personal health information, has been used inappropriately.
The department will pay for 12 months of identity theft monitoring and recovery services, including a $1 million insurance reimbursement policy, to people whose information was taken in the hack. Instructions on how to enroll in the MyIDCare service is included in the notification letter.
An email "phishing" attack hit DHS computers in early January. Nine employees clicked on a link that gave hackers access to their email accounts. In late January, the agency's Enterprise Security Office Cyber Security team confirmed the phishing incident was a data breach.
An initial review of the incident indicated that up to 2 million emails might have been involved. The agency announced the attack on March 21.
Quality local journalism takes time and money, which comes, in part, from paying readers. If you enjoy articles like this one, please consider supporting us.
(It costs just a few cents a day.)