Washington State Department of Licensing Pwned By Hackers…. And A Resulting Database Breach May Have Exposed The Personal Info Of Millions

The Washington State Department of Licensing has reported a database breach which has potentially exposed personal information of millions of licensed professionals, ranging from real estate agents to auctioneers, after it detected suspicious activity on its online licensing system:

During the week of Jan. 24, 2022, the Department of Licensing (DOL) became aware of suspicious activity involving professional and occupational license data. We immediately began investigating with the assistance of the Washington Office of Cybersecurity. As a precaution, DOL also shut down the Professional Online Licensing and Regulatory Information System (POLARIS) to protect the personal information of professional licensees.

At this time, we have no indication that any other DOL data was affected, such as driver and vehicle licensing information. All other DOL systems are operating normally.

We are working with the Washington Office of Cybersecurity to protect the licensing data and bring POLARIS back online as soon as possible. With the support and assistance of nationally recognized cybersecurity experts, we are investigating what happened and what data and people may be affected.

This isn’t a good look for Washington State. And I’d love to know what data was exposed or stolen. And Saryu Nayyar, CEO and Founder, Gurucul agrees with me.:

“While there are few details in the report, it appears that very sensitive personal data has been stolen, including social security numbers. Detecting a massive data set stolen is rare. Often organizations are blind to data being stolen over periods of time till it becomes apparent a large set of data has been stolen. Attackers effectively hide and trickle out data in many cases because most traditional SIEM or XDR solutions have great difficulty in understanding this trickle is part of a large attack campaign. Organizations need to research solutions that are more effective at not just thwarting attacker efforts early in the kill chain before data is exfiltrated, but can correlate small bursts of activity spread across time as a long-standing data theft operation by a clever threat actor.”

Hopefully Washington State investigates this fully and presents the results to the public. That way everyone knows how bad this breach is.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: