Data Breach Occurrence at Illinois Department of Transportation

Slide Note
Embed
Share

A data breach at the Illinois Department of Transportation exposed social security numbers and employee identification numbers of all current and former employees. The breach was discovered on April 14, 2022, after being visible from April 6, 2022. The breached file was located on an internal IDOT website called InsideIDOT. Immediate actions post-breach included file removal, restricting access, risk analysis, and notifications to various authorities and affected individuals. Recommendations for protecting identity and steps for credit report verification are provided.

dayn_766
dayn_766 Follow

Uploaded on Sep 19, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Data Breach Occurrence Yangsu Kim Chief Counsel, Illinois Department of Transportation

  2. Webinar Housekeeping Items This webinar is being recorded. If you have questions, please type them into the Q&A feature at the bottom of the screen. There will be time at the end for questions from phone callers. If you re calling in and wish to ask a question at that time, please raise your hand by pressing *3. Questions will be answered at the end of the webinar.

  3. The Breach Occurrence WHAT happened an IDOT employee inadvertently placed a file in InsideIDOT without the proper access permissions was exposed: your SSN and, depending on your date of hire, your employee identification number WHO was affected by the breach? All current and former IDOT employees WHEN was the breach discovered? April 14; Data had been visible from April 6, 2022 through April 14, 2022 WHERE was the file located? Internal IDOT website called InsideIDOT HOW could someone see my information? InsideIDOT has a search box, similar to an internal Google search box, and if a user entered an employee s full name, the search results may have included your first and last names, your SSN, and potentially your EID.

  4. What did IDOT do after the breach? Removed file upon discovery Limited access to authorized staff Analysis of cause and risk Notices: General Assembly, Attorney General, Credit Reporting Agencies, and Potentially Affected Individuals

  5. PROTECTING YOUR IDENTITY Get Your Credit Report Get Your Credit Report Confirm the information is correct Equifax Equifax Experian Experian TransUnion TransUnion Are your prior addresses correct? Is your name correct, including any past names, such as maiden names? Is your Social Security Number correct? Are there any credit accounts that don t look familiar? Are the balances for your accounts correct? 888-378-4329 888-397-3742 833-395-6938 www.equifax.com www.experian.com www.transunion.com Contact the credit bureaus if any information is incorrect

  6. PROTECTING YOUR IDENTITY Credit monitoring each bureau is required to provide you with a free credit report yearly. Stagger your requests for every four months to get a complete year of monitoring for yourself. Many credit card and banks offer credit monitoring as part of their suite of services for consumers.

  7. PROTECTING YOUR IDENTITY Put a FRAUD ALERT on your credit sends a lender a notification that you have a fraud alert on your credit and requires the lender to take certain steps to confirm your identity. Temporary 1 year Active-duty 1 year and renewable to match duration of deployment Extended 7 years You only need to contact one bureau; that one will contact the other two bureaus.

  8. PROTECTING YOUR IDENTITY Put a CREDIT FREEZE on your credit new lenders cannot see your credit report so new accounts in your name can t be open until the freeze is lifted. Lifting the freeze requires you to use a special password-protected account or PIN. You will need to contact each bureau to put a freeze on your credit Credit freezes are governed by federal law. Each bureau also offers commercial products that act similarly to a credit freeze.

  9. PROTECTING YOUR IDENTITY: Digital Hygiene Choose a password that is difficult for someone to guess. The most common passwords include: 123456 123456789 qwerty (first 6 top letters on a keyboard) password Change your password on a regular basis Do not use a password you will forget Do not use a sports team name or pop culture references yankees superman Do not use passwords with information that can be gleaned from your credit report birthdates maiden name prior street names

  10. PROTECTING YOUR IDENTITY: Digital Hygiene Two-Factor Authentication Use a different cell phone number or email method that is separate from your primary number or email Social Media Use a different name, if possible Do not post photos of you or your loved ones Do not post personal information about yourself; maiden name, location, alma maters Verify Authenticity of Emails Asking for Personal Information Do not ask the sender if the email is legitimate

  11. Questions? Yangsu Kim Chief Counsel, IDOT yangsu.kim2@illinois.gov

Related


Illinois Sexual Harassment Prevention Training Version 2.0 by State of Illinois Department of Human Rights

Illinois Sexual Harassment Prevention Training Version 2.0 by State of Illinois Department of Human Rights

sufyan
Understanding Alabama Data Breach Notification Act for County Governments

Understanding Alabama Data Breach Notification Act for County Governments

cromartie_l
Developing the Illinois Early Childhood Participation Data Set

Developing the Illinois Early Childhood Participation Data Set

mcmains_k
Effective Method to Protect Web Servers Against Breach Attacks

Effective Method to Protect Web Servers Against Breach Attacks

birr_tt
Data Breach Exercise: Responding to a School District Breach

Data Breach Exercise: Responding to a School District Breach

owais
Postsecondary Data Breach Exercise: Prepare for the Unexpected!

Postsecondary Data Breach Exercise: Prepare for the Unexpected!

althea
Essential Steps for Personal Data Breach Management

Essential Steps for Personal Data Breach Management

alayah
Understanding Regional Coordination for Accessible Transportation

Understanding Regional Coordination for Accessible Transportation

atau
GBIF Data Insights and Trends Report for 2018

GBIF Data Insights and Trends Report for 2018

myro_687
Understanding Breach of Confidence and Privacy Rights in English Law

Understanding Breach of Confidence and Privacy Rights in English Law

teodor
Legal Case Study: Compensation for Breach of Promise

Legal Case Study: Compensation for Breach of Promise

crumbley_y
Legal Dispute Between Walker & Co. and Harrison: Contract Breach Analysis

Legal Dispute Between Walker & Co. and Harrison: Contract Breach Analysis

saor_844
Understanding Breach of Confidence and Privacy Rights in Legal Context

Understanding Breach of Confidence and Privacy Rights in Legal Context

harmo
Maine DHHS Transportation Programs Overview

Maine DHHS Transportation Programs Overview

surya
Understanding Transportation and Assignment Problem

Understanding Transportation and Assignment Problem

hirh
Enhancing Livability in Sudbury Through Transportation Initiatives

Enhancing Livability in Sudbury Through Transportation Initiatives

jaly553
Regulation and Permitting of Construction and Demolition Recycling in Illinois

Regulation and Permitting of Construction and Demolition Recycling in Illinois

anaya
Protecting Illinois's Environment: The Role of Illinois Environmental Council

Protecting Illinois's Environment: The Role of Illinois Environmental Council

srey_kir
Understanding the Domino's Data Breach Incident and Its Implications

Understanding the Domino's Data Breach Incident and Its Implications

yasmine
Illinois Department of Labor - Amusement Ride and Attraction Safety Updates

Illinois Department of Labor - Amusement Ride and Attraction Safety Updates

mic_sal
Funding Opportunities for Non-Motorized Transportation in South Carolina

Funding Opportunities for Non-Motorized Transportation in South Carolina

landyn
DHHS Coordination of Transportation Service Contracts Overview

DHHS Coordination of Transportation Service Contracts Overview

roen334
Can You Afford a Data Breach? Understanding the Risks and Consequences

Can You Afford a Data Breach? Understanding the Risks and Consequences

pray
Certification Process in Accordance with Part 132 - Illinois Department of Human Services

Certification Process in Accordance with Part 132 - Illinois Department of Human Services

indira

More Related Content

Illinois Department of Commerce & Economic Opportunity Grant Accountability & Transparency Act (GATA) Process
Illinois Department of Commerce & Economic Opportunity Grant Accountability & Transparency Act (GATA) Process
Importing TIMS Transportation Data into PowerSchool
Importing TIMS Transportation Data into PowerSchool
Privacy Breach Response and Reporting under the Health Information Act
Privacy Breach Response and Reporting under the Health Information Act
Illinois Unemployment Insurance Benefits Overview
Illinois Unemployment Insurance Benefits Overview
Insights into GBIF: Data Publishing and Web Traffic Analysis
Insights into GBIF: Data Publishing and Web Traffic Analysis
Insights into Global Biodiversity Data and Trends
Insights into Global Biodiversity Data and Trends
Privacy Breach Management Guide by Health PEI
Privacy Breach Management Guide by Health PEI
Contempt in the Family Jurisdiction with Respect to Breach of Orders
Contempt in the Family Jurisdiction with Respect to Breach of Orders
Understanding Professional Duties in Accountancy
Understanding Professional Duties in Accountancy
NHS Sussex Conflicts of Interest Breach Register Summary May 2024
NHS Sussex Conflicts of Interest Breach Register Summary May 2024
Traffic Safety Programs and Performance Measures in Illinois
Traffic Safety Programs and Performance Measures in Illinois
Cost Accounting Standards for Determining Transportation Costs
Cost Accounting Standards for Determining Transportation Costs
Understanding Transportation Programs and Trends
Understanding Transportation Programs and Trends
Richland County Transportation Improvement Summary
Richland County Transportation Improvement Summary
Overview of FAST Act for Transportation Planning
Overview of FAST Act for Transportation Planning
Tribal Transportation Program & Bipartisan Infrastructure Law Overview
Tribal Transportation Program & Bipartisan Infrastructure Law Overview
Enhancing Transportation Infrastructure Through Federal Funding Programs
Enhancing Transportation Infrastructure Through Federal Funding Programs
Addressing Transportation Gaps in Sudbury: A Livable Community Approach
Addressing Transportation Gaps in Sudbury: A Livable Community Approach
Regional Special Education Transportation (RSET) Program Overview
Regional Special Education Transportation (RSET) Program Overview
Understanding Pennsylvania's Medical Assistance Transportation Program (MATP)
Understanding Pennsylvania's Medical Assistance Transportation Program (MATP)
GBIF Statistics Report November 2018
GBIF Statistics Report November 2018
Guidebook for Managing Data from Emerging Technologies in Transportation
Guidebook for Managing Data from Emerging Technologies in Transportation
Florida Department of Transportation Projects Overview
Florida Department of Transportation Projects Overview
Understanding Guardianship and Decision-Making in Illinois
Understanding Guardianship and Decision-Making in Illinois