omv hack

Check out the latest tech talk specifically about the OMV Hack here:

If you live in the Louisiana area, you have probably heard about the recent cyber hack on the Office of Motor Vehicles on June 15th, 2023. The governor’s office put out a note here in Louisiana that there was a really good reason to believe that they had been caught up in the MOVEit data breach move it was or is a piece of software that transfers data from one, one end to the other. And at this point, like today, most researchers are saying that upwards of 15 million individuals whose data was compromised in the MOVEit data breach, not just here in Louisiana and OMV.

Specifically, here in Louisiana, using that software vulnerability, what we are told was breached by the Office of motor vehicle systems was that the name, address, social security number, birthdate height, eye color, driver’s license number, vehicle registration information, and even the handicap information for pretty much everybody that has ever had a driver’s license or registered vehicle here in Louisiana. Why is this important? And why do you care? Because it’s not your password for your email, right?

Well, if you think about that list of pieces of data, it’s pretty much everything that a criminal would need to go file for a mortgage, bank loan credit card, it’s most of the information that a criminal would need to do things like to steal the title to your house, which that’s been happening a lot nowadays, it’s called Title theft or, and if you think about it, kind of extending the conversation. This is foundational information for what a hacker or criminal of just any, you know, even not an online criminal but just any kind of criminal would need to cause you a lot of problems just in your personal life with your credit rating and all kinds of other things. So, what we’re seeing now is what we call personally identifiable information or PII.

AI is the new hot target for criminals, what they’re looking for is to build a good file on you and use that to make all their other attacks more successful. So that’s why this PII or personally identifiable information is so valuable to the hacker. So, what should you do? And what are we encouraging our clients and all our loved ones and family members and the community at large to do? Let’s start with what the Office of the Governor says to do.

They gave five basic pieces of advice:

  1. freeze your credit
  2. change all passwords
  3. put a pin on the IRS account (put a personally identifiable personal identification number or another form of security)
  4. secure your existing social security benefits account
  5. report suspected identity theft.

Looking at these pieces of advice, I would agree that all of these are important. For the first one, freezing your credit, I would encourage you to do exactly as they say on the Louisiana Governor governor’s webpage, because it is pretty simple to do, it only takes a little bit of time, and it is free.

For the second item, change all passwords, that feels really huge, right? But my simple advice to everybody on this if you want to have a shot of being able to, quote-unquote change all passwords, is to get a password management program and use it again and again. It can generate and store secure unique passwords for all of your accounts in one secure location.

This is a newer tool in the scheme of cybersecurity and it’s one that everybody ought to be familiarizing themselves with and learning how to use it well. It’s essential that the last piece using it well put a pin on your IRS account. Yes. Set up and secure your Social Security benefits account, just like they said exactly like that report suspected identity theft. This is an important one, learn how to or where to do that reporting. What we encourage as well is for everybody that’s in a business management role.

Prepare your business with a written plan for how and to whom you’re going to report that identity theft or any kind of cybersecurity incident, it’s called an incident response plan, and it is one of the simplest things that you can do, that will make the biggest impact if and when you have a security incident.

The final piece of advice I would say is to use multifactor authentication or two-factor authentication on everything, don’t just rely on your passwords. MFA/2FA will send you a code to your phone that you will have to verify in order to get into the account even with the password (hence 2-factor or multi-factor).

If all else fails, give us a call 225-751-4444 and we can steer you in the right direction.

 

Check out our past Tech Talks:

Winning @ MFA/2FA- AuthPoint

Winning @ Encryption

Winning @ Data Protection

Winning @ Passwords

Winning @ MS Office 365 Security

Winning @ Endpoint Security & Monitoring

Winning @ Employee Cyber Security Training

and

Follow Us on Social Media

Sign Up for our newsletter

 

I know most people need help with this. We look forward to being of service to you and answering any questions.

If there’s anything we can do to help please let us know. Do you have a topic that you would like us to cover? Shoot us an email and let us know: stephanier@turnkeysol.com

Reach out to us ask@tks.la or call 225-751-4444 or visit our website at www.turnkeysol.com.