An estimated 3.5 million Oregon residents are being notified that their personal information was compromised when hackers were able to exploit a vulnerability in a secure file-transfer tool used by the Oregon Department of Transportation.
The sensitive personal data of approximately 3.5 million people has been compromised as a result of a zero-day vulnerability in a software tool created by Progress Software, LLC. Now, residents’ full names, addresses and other personal information may be in the hands of criminals who can use the stolen information to commit identity theft and other frauds.
The data breach attorneys at Console & Associates, P.C. are actively investigating claims on behalf of Oregon residents, hoping to inform them of the risks they face as a result of the breach and what their legal rights are in its aftermath.
On June 15, 2023, ODOT posted a public notice on its website describing a third-party data breach affecting those who have either an Oregon driver’s license or identification card. ODOT explained that the incident resulted from a vulnerability in managed file transfer software created by Progress Software, called MOVEit. Evidently, Progress Software notified ODOT of the vulnerability and potential breach on June 1, 2023. In turn, ODOT conducted an investigation confirming that the hackers responsible for the breach were able to access ODOT data.
According to ODOT’s notice, the data breach affected an estimated 3,500,000 Oregonians.
The list of sensitive information that was exposed includes:
- Names,
- Home addresses,
- Mailing addresses,
- Driver’s license numbers,
- State identification card numbers, and
- The last four digits of Social Security numbers.
If you receive a data breach notice from ODOT, you could now be at risk of identity theft—and the life-changing financial and legal consequences that follow in its wake. This is especially the case because, at this time, ODOT is not providing complimentary credit monitoring or identity theft protection.
What to Do if You Receive an ODOT Data Breach Letter
Individuals who receive a data breach letter from the Oregon Department of Transportation should take all necessary steps to protect themselves. (See the Guide for Victims of Data Breach for more details here.) Additionally, data breach victims should consider speaking with a data breach lawyer immediately. Those individuals in receipt of an ODOT data breach letter may be entitled to financial compensation.
If you wish to discuss this data security incident, or if you have any questions regarding your rights following the ODOT data breach, please contact Console & Associates, P.C. at (866) 778-5500. Interested parties and potential plaintiffs can also learn more about this data breach and potential lawsuit here.
Anyone who has received a Notice of Data Breach letter may contact the firm to learn more about their rights.