If you hold a commercial driver's license issued by the state of Louisiana or have your truck registered there, you may wish to be on high alert for the possibility of identity theft.
The office of Gov. John Bel Edwards is warning that the state's Office of Motor Vehicles is among many government offices, businesses, and other organizations that have fallen victim to a major data breach of the MOVEit file transfer service.
The governor's office said that there's no indication that cyber attackers who breached MOVEit have sold, used, shared or released the OMV data obtained from the MOVEit attack. The cyber attackers have not contacted the state government.
The attack appears to have been conducted by the Russian ransomware gang known as Clop. Their other victims are major financial services companies in this country and abroad, as well as universities and manufacturers.
However, Bel Edwards said all Louisianans should take immediate steps to safeguard their identity.
A statement from the governor said OMV believes that all Louisianans with a state-issued driver’s license, ID, or car registration have likely had the following data exposed to the cyber attackers:
- Name
- Address
- Social Security Number
- Birthdate
- Height
- Eye Color
- Driver’s License Number
- Vehicle Registration Information
- Handicap Placard Information
The state suggests all Louisians do the following:
1. Prevent Unauthorized New Account Openings or Loans and Monitor Your Credit
Individuals can freeze and unfreeze their credit for free, which stops others from opening new accounts and borrowing money in your name. Freezing your credit does not prevent the use of any existing credit cards or bank accounts. Freezing your credit may be done quickly online or by contacting the three major credit bureaus by phone:
Experian1-888-397-3742www.experian.com/freeze Equifax1-800-685-1111www.equifax.com/personal/credit-report-services/credit-freeze/TransUnion(888) 909-8872www.transunion.com/credit-freeze
Also request and review your credit report from these agencies to look for suspicious activity.
2. Change All Passwords
As an additional precaution, consider changing all passwords for online accounts (examples: banking, social media, and healthcare portals) in the event your personal data was used to access these accounts. Utilize multi-factor authentication when able. Learn more about password protection at www.CISA.gov.
3. Protect Your Tax Refund and Returns with the Internal Revenue Service
To prevent someone else from filing returns or receiving your federal tax refund, request an “Identity Protection Pin” from the Internal Revenue Service by signing up at: https://www.irs.gov/identity-theft-fraud-scams/get-an-identity-protection-pin or calling the IRS at 1-800-829-1040.
4. Check your Social Security Benefits
All individuals who are eligible, applied for, and/or are receiving social security benefits (including disability), please consider registering for a ssa.gov account at https://www.ssa.gov/myaccount/ to stop others from stealing your benefits. If you suspect Social Security fraud, call the Office of Inspector General hotline at 1-800-269-0271, Social Security Administration at 1-800-772-1213 or file a complaint online at oig.ssa.gov.
5. Report Suspected Identity Theft
If you suspect any abnormal activity involving your data, including financial information, contact the Federal Trade Commission at 1-877-FTC-HELP or visit www.ReportFraud.FTC.gov immediately.