Massive DHS data breach raises questions about Oregon’s cybersecurity protocols

A January data breach at the Department of Human Services exposed the confidential information of an eye-popping 645,000 Oregonians. Those people whose personal data was compromised were left with many questions. But the massive breach raised an even bigger question for everyone else: What are state officials doing to protect the information stored on government computers about virtually everyone in Oregon? State officials say they are working to address the problem, in particular with a new agency that provides data tracking and training, among other cybersecurity initiatives. Yet despite that work -- and procedures in place within individual agencies -- the security lapses continue. And instead of disciplining employees at fault, state officials say they focus on training. Unfortunately for consumers, training doesn’t prevent mistakes that can bring a lifetime of hassle. What’s particularly alarming about data breaches, whether in the public or private sector, is how released information can be used to create bank and credit accounts, said Charlie Fisher, state director of the Oregon State Public Interest Research Group, or OSPIRG, a consumer advocacy group based in Portland.