{"id":1949,"date":"2019-04-02T10:33:21","date_gmt":"2019-04-02T10:33:21","guid":{"rendered":"https:\/\/schultzwebdesign.se\/CA\/?p=1949"},"modified":"2019-04-02T10:33:21","modified_gmt":"2019-04-02T10:33:21","slug":"oregons-dhs-hires-firm-to-assist-its-data-breached-clients","status":"publish","type":"post","link":"https:\/\/schultzwebdesign.se\/CA\/2019\/04\/02\/oregons-dhs-hires-firm-to-assist-its-data-breached-clients\/","title":{"rendered":"Oregon\u2019s DHS Hires Firm To Assist Its Data Breached Clients"},"content":{"rendered":"\n<figure class=\"wp-block-image\"><a href=\"https:\/\/www.corvallisadvocate.com\/wp-content\/uploads\/2019\/03\/DHS-date-breach.jpg\"><img src=\"https:\/\/www.corvallisadvocate.com\/wp-content\/uploads\/2019\/03\/DHS-date-breach-1024x449.jpg\" alt=\"\" class=\"wp-image-24730\"\/><\/a><\/figure>\n\n\n\n<p>Oregon\u2019s\n DHS waited two months to reveal its clients\u2019 personal information had \nbeen compromised. Now, they\u2019ve hired a firm for $480,000 to assist up to\n 1 million clients&nbsp;<\/p>\n\n\n\n<p>On Thursday, March 21, the Oregon Department of Human Services\n (DHS) acknowledged that there was a breach of their systems in January,\n exposing 2 million email messages which may have contained sensitive \npersonal information such as the names, dates of birth, addresses and \neven case numbers of a currently undetermined number of the 1.6 million who use its services.&nbsp;<\/p>\n\n\n\n<p>DHS is responsible for the state\u2019s foster care, aging and disabilities, and food stamps programs.&nbsp;<\/p>\n\n\n\n<p>According to reporting, nine employees of DHS fell victim to a \u201cphishing\u201d attack. \u201cPhishing\u201d is one&nbsp;of the oldest types of email scams, where a message is made to&nbsp;seem legitimate, but its goal is&nbsp;to\n harvest login and access information from whoever uses the links \ninside. DHS says that their employees undergo training to prevent such \nbreaches, but DHS spokesperson Robert \nOakes said that \u201chuman error\u201d was a factor. Oakes described the attack \nas \u201can extremely sophisticated email attack on our system.\u201d&nbsp;<\/p>\n\n\n\n<p>Why DHS took months to report that this major data breach occurred is still unclear. The agency stated that\n the time gap was to assess the full impact of the attack before \ndisclosing the details. DHS is required by state law to disclose events \nlike this which have the potential to affect at least 350,000 people.&nbsp;<\/p>\n\n\n\n<p>DHS has retained a private firm,&nbsp;IDExperts, to&nbsp;do\n a \u201cforensic examination of the breach and help impacted clients.\u201d \nAccording to a number of statewide news organizations, their current \ncontract, at $480,000, provides for assisting up to one million people, \nwith an option to boost the contract if the exposure is greater than one\n million people. It is unclear so far \nwhether this means DHS is gearing up to handle a large-scale breach or \nif they simply want to ensure the breach is handled regardless of its \nultimate scope.&nbsp;<\/p>\n\n\n\n<p>This is the latest incident in which DHS has been criticized for&nbsp;a\n lack of transparency, after a report last month described the \nconditions Oregon foster children face in private, out-of-state \nfacilities. It is also the latest in a series of data breaches across \nmultiple sectors of the state government. There were security\n breaches in both the Secretary of State and the Employment Department \nin 2014, at the state\u2019s data center in 2015, and last year it was \nrevealed that an employee of the state tax agency copied the personal \ninformation of 36,000 people.&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Oregon\u2019s DHS waited two months to reveal its clients\u2019 personal information had been compromised. Now, they\u2019ve hired a firm for $480,000 to assist up to 1 million clients&nbsp; On Thursday, March 21, the Oregon Department of Human Services (DHS) acknowledged that there was a breach of their systems in January, exposing 2 million email messages [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1950,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6,7599],"tags":[],"_links":{"self":[{"href":"https:\/\/schultzwebdesign.se\/CA\/wp-json\/wp\/v2\/posts\/1949"}],"collection":[{"href":"https:\/\/schultzwebdesign.se\/CA\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/schultzwebdesign.se\/CA\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/schultzwebdesign.se\/CA\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/schultzwebdesign.se\/CA\/wp-json\/wp\/v2\/comments?post=1949"}],"version-history":[{"count":1,"href":"https:\/\/schultzwebdesign.se\/CA\/wp-json\/wp\/v2\/posts\/1949\/revisions"}],"predecessor-version":[{"id":1951,"href":"https:\/\/schultzwebdesign.se\/CA\/wp-json\/wp\/v2\/posts\/1949\/revisions\/1951"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/schultzwebdesign.se\/CA\/wp-json\/wp\/v2\/media\/1950"}],"wp:attachment":[{"href":"https:\/\/schultzwebdesign.se\/CA\/wp-json\/wp\/v2\/media?parent=1949"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/schultzwebdesign.se\/CA\/wp-json\/wp\/v2\/categories?post=1949"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/schultzwebdesign.se\/CA\/wp-json\/wp\/v2\/tags?post=1949"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}