OLYMPIA, Wash. — The Washington state Administrative Office of the Courts was hacked in February, and up to 160,000 Social Security numbers and 1 million driver license numbers may have been accessed during the data breach of its public website.
Officials with the courts announced today that so far, it has been confirmed that 94 Social Security numbers were obtained. Initially, authorities didn’t think confidential information was taken, but following an investigation by the Multi-State Information Sharing and Analysis Center, the broader breach was confirmed in April, said courts spokeswoman Wendy Ferrell.
Ferrell said that once the breach was confirmed, it took additional time to go through the files, while at the same time increasing security to the website. The 94 known names breached are being contacted by letter, she said. The rest of the people who are potentially affected come from a defined group:
— Those booked into a city or county jail within the state of Washington between September 2011 and December 2012 may have had their name and Social Security number accessed.
— Names and driver’s license numbers may have been obtained from people who received a DUI citation in Washington state between 1989 through 2011; had a traffic case in Washington filed or resolved in a district or municipal court between 2011 and 2012; or had a superior court criminal case in Washington state that was filed against them or resolved between 2011 and 2012.
Ferrell said no one from the Administrative Office of the Courts or any court in Washington state will be asking for personal information over the phone or via email related to the breach.
State officials have set up a website and hotline to answer public questions about the break: www.courts.wa.gov/databreach and 1-800-448-5584.
Ferrell said that there is no active law enforcement investigation at this time, but people who believe they are at risk should take precautions to monitor credit.
Michael Cockrill, the state’s chief information officer, said that security experts have determined there were no breaches at state agencies, which are on a separate network.
“Cybersecurity and cyberterrorism attacks continue to rise in number and sophistication every year, affecting the private and public sector, and countless individuals,” Cockrill said in a written statement. “The AOC data breach is a sobering reminder for every branch and every level of government that protection of personal and confidential data entrusted to government is a paramount responsibility.”
Cockrill said that Gov. Jay Inslee has directed his office and Consolidated Technology Services in the executive branch to assist the Office of the Courts to enhance the security of its judicial data.