Washington State Database Hack Exposes Sensitive Data of 6,50,000 People

The hack was detected on January 24 and disclosed last week.

By Associated Press | Updated: 12 February 2022 13:19 IST

Washington State Database Hack Exposes Sensitive Data of 6,50,000 People

Photo Credit: Reuters

Authorities initially believed 2,57,000 users were affected by the breach

Highlights

Washington state professionals and business owners' data was breached
Social Security numbers, driver’s licenses, and birth dates were leaked
The breach which was detected on January 24 and disclosed last week

Investigators believe hackers stole at least some of the Social Security numbers and other sensitive personal data of 650,000 current and former Washington state professionals and business owners during a breach of a state database. The Seattle Times reports the Department of Licensing officials confirmed the figures Friday. The breach, which was detected January 24 and disclosed last week, affected personal data in active, expired, revoked or suspended licenses for 23 of the 39 professions and businesses that require state licensing.

Affected data included such information as Social Security numbers, driver's license numbers, and dates of birth. Data from the department's driver's license system wasn't affected, agency officials said.

“Based on our investigation, (Department of Licensing) has sufficient reason to believe the Professional and Business Licensing System was accessed, and records were acquired without authorization,” the agency said in an updated statement on its website.

Google Chrome Users Warned by Government of Being Vulnerable to Attacks

The database is maintained by Salesforce, a San Francisco software company.

The agency will begin notifying individuals who were potentially affected by the breach and providing them with credit monitoring and identity theft protection.

Agency officials had initially said that the breach might have exposed the data of at least the 2,57,000 individuals' active licenses in the system but acknowledged that the full number was likely larger. Friday's estimate grew to 6,50,000 because it included individuals with non-active licenses, and also because a single business license can include information for multiple individuals, Olson said.

North Korea Stole Funds From Crypto Exchanges to Fund Weapon Tests: UN

Investigators still haven't determined whether the potential breach occurred within the agency, in the database or in some other part of the data system, said agency spokesperson Nathan Olson.

On Monday, a Salesforce spokesperson said that, “at this time, we have no evidence of a vulnerability inherent to the Salesforce platform.”

The breach remains under investigation by the state Office of Cybersecurity, the state Attorney General's Office and a third-party cybersecurity firm, CrowdStrike, Department of Licensing officials said.

Do Samsung's Galaxy S22 and Tab S8 series have any Android competition? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.