Ore. Employment Dept. stops Web ‘security intrusion’

The Oregon Employment Department said late Friday it has identified and stopped an intrusion into the agency’s website.

On Monday, the department responded to an anonymous tip alleging a security vulnerability in the WorkSource Oregon Management Information System, an application where customers may register for job search help and other services.

Officials said the system does not affect the filing of unemployment insurance claims. It impacts people who registered with WorkSource Oregon to look for a job.

The first priority, they said, is to secure all personal information, regardless of whether it had been compromised.

Work began immediately Monday morning — in coordination with the state’s Chief Information Office — to validate the information in the anonymous tip.

Once validated, WOMIS was shut down while steps were taken to correct the security vulnerability to eliminate the possibility of retrieving social security information.

The personal information was then secured to prevent any further threats. The system was brought back online with added security Monday afternoon. The site is now up and running with a repaired and reinforced WOMIS system, the agency said.

The second priority is to determine exactly whose information has been compromised and to initiate a criminal investigation. We do not know if criminal activity has taken place.

At the direction of Governor Kitzhaber, law enforcement has been contacted. OED will directly notify all customers who are WOMIS participants.

OED has engaged with law enforcement to determine whether criminal activity has occurred. We will keep the public and media informed as new information becomes available.

OED has established a dedicated hotline for inquiries, 1-877-643-4322. Staff has been redeployed and will be available special Saturday hours on October 11 from 8:00 a.m. – 5:00 p.m. and Monday – Friday, 8:00 a.m. – 5:00 p.m.