The Oregon Department of Human Services said that a phishing incident has allowed unauthorized access to the personal information of clients in welfare and children's services programs.
The department said it hasn't confirmed that hackers obtained personal information and used it for identity theft.
Compromised client information potentially includes names, addresses, birth dates, Social Security numbers, and information about DHS programs.
After determining whose information was impacted by the breach, IDExperts will send notices to the impacted individuals with information about how to register for free credit monitoring.
TPRM report: https://scoringcyber.rankiteo.com/company/orhumanservices
"id": "ore74012323",
"linkid": "orhumanservices",
"type": "Data Leak",
"date": "03/2019",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Public Services',
'location': 'Oregon, USA',
'name': 'Oregon Department of Human Services',
'type': 'Government'}],
'attack_vector': 'Phishing Email',
'data_breach': {'personally_identifiable_information': ['names',
'addresses',
'birth dates',
'Social Security '
'numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information']},
'description': 'A phishing incident allowed unauthorized access to the '
"personal information of clients in welfare and children's "
'services programs at the Oregon Department of Human Services.',
'impact': {'data_compromised': ['names',
'addresses',
'birth dates',
'Social Security numbers',
'information about DHS programs']},
'response': {'communication_strategy': ['Notices to impacted individuals with '
'information about how to register '
'for free credit monitoring'],
'third_party_assistance': ['IDExperts']},
'title': 'Phishing Incident at Oregon Department of Human Services',
'type': 'Phishing'}