Late on June 15th state agencies announced that the widespread cyberattack that hit the feds also compromised the info of millions of people in Louisiana and Oregon. This attack is especially devastating on the state level as it took aim at the ID aspects of these states.
In Oregon, 3.5 million residents with a driver’s license or state-issued ID are at risk of having their information exposed. In Louisiana, the damage is worse, as every person with a state-issued ID there is at risk. While no number has been released, the state has over 3 million licenses.
So far, no group has claimed responsibility, and the state departments have yet to pinpoint one. The attacks are consistent with those exhibited by a Russian ransomware gang, and so far, that’s where the efforts to locate the attackers have been focused.
This widespread hack looks to have impacted hundreds of organizations across the globe, as well as multiple federal agencies. So far, the US Department of Energy and British corporations like BBC and British Airways have reported being impacted, and Russian-speaking hackers claimed credit for those attacks. They have yet to make any demands but are known for their million-dollar ransoms.
In LA and OR, the data that has been exposed included social security and driver’s license numbers. Neither state has claimed to be contacted, nor has there been signs of the data that was compromised being sold or released onto the web.
Progress Software is responsible for the programs that have been compromised and has already located a second vulnerability in its code and is working diligently to fix it.