The Oregon Department of Motor Vehicles confirmed Thursday that an estimated 3.5 million driver’s license and identification card files were compromised when the agency was hacked two weeks ago.
Agency spokesperson Michelle Godfrey said Thursday that the agency realized on Monday — four days ago — that the breach had extended to about 90% of the state’s driver’s license and ID card files.
The Oregonian/OregonLive first made inquiries about the security breach on Wednesday; DMV officials took nearly a day to respond with answers. Godfrey said the agency planned to wait until Friday to go public because officials are still preparing agency employees for how to respond to Oregonians’ questions and concerns about how to protect themselves.
Godfrey advised the public to monitor credit reports for signs of fraudulent activity.
Godfrey said state officials “became aware” on June 1 that the agency’s system had been hacked. Two hours later, the systems were “locked down,” she said.
“But we didn’t have any information about what data may have been affected at that time,” she said. “It’s taken days of analysis” to determine that the hack compromised the state’s driver license and ID records.
“That took it to a whole new level,” she said.
This report will be updated.
— Noelle Crombie; ncrombie@oregonian.com; 503-276-7184; @noellecrombie
Our journalism needs your support. Please become a subscriber today at OregonLive.com/subscribe