After suspicious activity was detected on the department’s online licensing system in late January, it was temporarily shut down. This has caused significant problems for Washington-based professionals attempting to apply for, renew, or modify their licenses. It’s another grim reminder of the importance of using tools like password managers to improve your password security across multiple accounts, and ensuring multi-factor authentication is used where it can be.
What Happened During the Breach?
In a statement published last Friday, The Washington State Department of Licensing (DoL) revealed it became aware of “suspicious activity involving professional and occupational license data”. The DoL confirmed that it shut down POLARIS – the system holding the licensing data – on January 24, and began investigating with assistance from the Washington Office for CyberSecurity immediately. The impact of the breach remains unclear, and the agency is unsure as to whether the data was accessed.
What Data is Held in POLARIS?
Altogether, there are over 40 categories of businesses and professional licenses handed out by the Washington Department of Licensing. Sensitive data relating to individuals that work in 23 of those professions is held inside POLARIS, according to the Seattle Times. In total, roughly 257,000 individual licenses are held by the Washington State DoL via POLARIS. According to the department, the information that may have been accessed includes “social security numbers, dates of birth, driver license numbers, and other personally-identifying information.”
Has My Data Been Compromised?
If you’ve applied for a license in Washington state, you may be affected if it does materialize that data was copied or stolen. If you have one of these licenses, The Washington DoL advises all license holders to remain vigilant by reviewing their accounts, consider placing a fraud alert or security freeze on your credit file, and report any suspicious activity on your accounts immediately to the relevant authorities. It’s more crucial than ever that both businesses and individuals – in Washington state and beyond – make use of multi-factor authentication features available on banking, social media, and other sites they hold accounts with, as well as other security tools like password managers. last year was a record-setting one for data breaches, and there will be even more to come in 2022.