PORTLAND Ore. (KPTV) - A massive global data breach has exposed the personal information of millions of Oregonians who have a DMV-issued identification card. Airlines, banks, universities, foreign governments, other state-level agencies, and more, were all also impacted by the attack.
From what officials have shared with FOX 12 so far, the breach actually happened weeks ago back in May. The Oregon DMV was made aware of it on June 1.
RELATED: Personal data of 3.5 million people possibly leaked in Oregon DMV hack
Following Oregon Department of Transportation’s announcement Thursday that personal information of about 3.5 million residents may have been compromised in an international software hack, Oregonians have expressed their displeasure.
“I do keep track of my stuff online because it’s so scary,” said Patricia Schwedler, who lives in Oregon.
“Definitely sucks and it can end up in the wrong hands,” another resident, Christian Tran, said.
On Thursday, June 1, ODOT was alerted by the Cybersecurity and Infrastructure Security Agency that a popular file transfer tool called MOVEit could lead to potential unauthorized access to user systems.
“We immediately shut down our system and secured it,” Michelle Godfrey, ODOT Public Information Officer, said.
“Our understanding of the data impacted is not easy. It wasn’t until a few days ago, Monday, June 12TH that we learned the data breach included data being reported to you today,” Thomas Amato, ODOT’s Chief Information Officer, said.
When asked about the delayed notification to the public, ODOT said it took a few days to prepare DMV staff to answer questions appropriately.
“If you have an Oregon driver’s license, ID, driver’s permit you can assume that data associated with that credential has been compromised,” Amy Joyce, ODOT’s DMV Administrator, said. “It could include things beyond what’s printed on the card itself.”
ODOT recommends monitoring your credit and potentially locking your credit.
DMV customers feel more needs to be done to help those who may be impacted by the breach.
“I just don’t think that’s enough. Something definitely needs to be done,” Michele, who lives in Oregon, said.
The Washington state Department of Licensing has not been affected by the breach, according to Washington state officials.
ODOT said if you think you may have been affected, here’s what you should do now:
Under federal law, you have the right to receive, at your request, a free copy of your credit report every 12 months from each of the three consumer credit reporting companies. A credit report can provide information about those who have received your credit history. You may request a free credit report online at www.annualcreditreport.com or by telephone at 1-877-322-8228.
When you receive your credit reports, check for any transactions or accounts that you do not recognize. If you see anything you do not understand, call the telephone number listed on the credit report or visit the Federal Trade Commission’s Web site on identity theft at http://www.consumer.gov/idtheft/. Additionally, you may wish to ask each of the three credit monitoring agencies to freeze your credit files.
