The Oregon Employment Department (OED) is investigating a network intrusion that occurred earlier this week on Monday, October 7.
An anonymous tip was sent to the organization notifying them of a security vulnerability in the WorkSource Oregon Management Information System (WOMIS) where users of the system register for job searches and related services.
The information that may have been compromised includes name, addresses and Social Security Numbers.
The department has not yet provided information on the number of records compromised, nor the full scope of the breach if other systems may have been affected.
In an internal document, the organization stated that the vulnerable system was taken down on Monday to patch the vulnerability in the WOMIS application. The system is now back up, as the department also stated additional measures were taken to “reinforce the WOMIS system.”
The OED has engaged with law enforcement to determine whether criminal activity has occurred, with additional investigations still under way.