Thursday, October 23, 2014

Oregon Employment Division breach

In the first part of October the database for the Oregon Employment Deparment was breached. Two weeks later I received a letter informing me that I was one of the affected, although it had been over 6 years since I used the WorkSource site.

I wasn't happy. Why had the state kept my info for so long and why did the media not report the breach till a week later and those affected weren't notified till after another week had passed.

Am also upset that the following article doesn't explain everything well: Oregon Employment Department notifies customers of data breach

So what all is lacking from the article?

According to the back of the form letter, one must first relog into WorkSoucre and change their password, hard to do if it has been over six years! Second call the company they are using for the credit monitoring and get their free service. Third, get a copy of their credit report, fourth sign up for another credit monitoring from one of the three big credit bureaus, and lastly sign up for credit fraud alerts via one of the three credit sites. And no...these are NOT free.

That is what angered me. If their so called free monitoring wasn't going to be enough, they should have admitted that. I am now going to be out some money using TransUnion and Equifax to have security freezes and Fraud Alerts on my credit. What the form doesn't say either is contacting ones various banks after all this to inform them before they attempt to look at your score, as they just might do if you call them and want your credit card payments reduced or apply for a loan. The letter also doesn't say one should alert the IRS, FTC, and other such government companies AHEAD of any possible id theft. Helps to cover your rear end.

The State of Oregon should be doing more.