Cyber Incident Victim: Oregon Employment Department

On October 6, 2014, hackers illegally accessed the Oregon Employment Department's WorkSource Oregon Management Information System, compromising 851,322 confidential records out of the system's 1.9 million total records. The breach exposed sensitive personal information including Social Security numbers, addresses, birth dates, and standard job application details. The Employment Department received an anonymous tip about the intrusion, verified its validity, and immediately shut down the affected website that same day to implement security repairs. No financial information or unemployment insurance systems were impacted by the breach. The department waited four days before notifying the public, issuing a press release at 4:48 p.m. on Friday, October 10—12 minutes before state offices closed for the weekend.

Governor John Kitzhaber requested a criminal investigation, which the Oregon State Police Major Crimes Division undertook. While no evidence of identity theft was found at the time of disclosure, the department urged all system users to reset their passwords and established a dedicated hotline starting October 14 for individuals to verify whether their records were compromised. This marked the second major state data breach in 2014, following a February incident where hackers accessed bank account information through the Secretary of State's ORESTAR campaign finance database. The earlier breach had prompted a three-week website shutdown and an FBI investigation. The Employment Department's delayed disclosure timeline and the recurrence of high-profile breaches raised operational concerns about the state's cybersecurity protocols for systems containing sensitive citizen data.