Buyers of Oregon state hunting and fishing licenses whose personal information may have been compromised by a data breach are being notified by letter and receiving identity protection services, the Oregon Department of Fish and Wildlife said Thursday.
ACTIVE Network, the department’s online hunting and fishing license sales vendor, agreed to mail information to an estimated 1 million ODFW customers who created “customer profiles” in the license system before July 2007.
Those who made their first license purchase after September 2007 are not at risk. ACTIVE Network has agreed to provide a customer call center and identity protection services to those whose data was potentially compromised.
Details of those services are provided in the notification letters, according to ACTIVE. About two weeks ago, Oregon received messages from a person who claimed to have accessed customer data in the three states’ systems, which are all operated by ACTIVE Network.
Investigations by ACTIVE Network and the state of Oregon’s Enterprise Security Office (ESO) found that Social Security numbers and credit card information were not exposed but that driver license numbers were accessed, as well as name, gender, date-of-birth, address, telephone and email.
Network security specialists identified and patched all vulnerabilities after unauthorized access of the system was discovered on Aug. 23.
For more information about consumer protection, go to the Oregon Department of Justice Consumer Protection website.