La. officials found out about cyber attack last month

BATON ROUGE, La. (WAFB) - Louisiana leaders now admit they have known about a cyber attack affecting Louisianians for nearly three weeks.

However, the first warning to the public did not come until fifteen days later, on Thursday, June 15. That is because, as state leaders say, it was not until earlier this week, on Wednesday, June 14, that they realized just how widespread the attack actually was.

The attack was on a third-party vendor, MOVEit, which is a data transfer service used to send large files, said Casey Tingle, Director of the Governor’s Office of Homeland Security and Emergency Preparedness (GOHSEP). The exposed records were from the state’s Office of Motor Vehicles (OMV).

When MOVEit suffered the attack, it likely gave hackers access to an estimated six million Louisiana OMV records, Tingle said. Those records contained the names, addresses, social security numbers, birth dates, driver’s license numbers and other details on most adults in the state, GOHSEP said.

During a news conference Friday morning, WAFB asked GOHSEP Director Casey Tingle about when the governor’s office was first informed about the attack. Tingle declined to give a specific answer.

“I don’t want to get into the exact notification here,” Tingle said. “I think the important part is that we knew Wednesday night (June 14) the scale of the data that was involved and we met the next morning to walk through what that meant.”

Late Friday afternoon, following further questions from WAFB, Tingle clarified the timeline in a written statement.

“MOVEit’s owner sent notification of a vulnerability on May 31, 2023, in a blanket statement to all of its global customers,” Tingle said. “They did not know the scope of the impact or whether Louisiana was actually impacted. The state’s cyber incident response team, including officials from the Office of Technology Services, Louisiana State Police and GOHSEP, immediately initiated an intensive digital forensic investigation and response procedures. In the preliminary stages of the investigation, any data exposure was believed to be minimal and limited to less sensitive information, but the investigation continued. Late Wednesday, the investigating team realized that compromised records with OMV affected sensitive information for all Louisianans with state-issued IDs and motor vehicle certificates. They then began preparing a brief for Governor Edwards, which was conducted from 11 a.m. to noon on Thursday. At the governor’s direction, GOHSEP, State Police, the Office of Technology Services and OMV moved promptly to notify the public of the possible exposure of sensitive data. At this time, no other servers have been identified as compromised by the bad actors.”

GOHSEP has not said who it believes is behind the attack but said the “cyber attackers have not contacted state government.”

Louisiana Governor John Bel Edwards did not attend Friday’s news conference. He left Friday morning for a pre-planned economic development meeting in France.

State leaders issued the following suggestions for Louisiana residents who could be affected:

1. Prevent Unauthorized New Account Openings or Loans and Monitor Your Credit

Individuals can freeze and unfreeze their credit for free, which stops others from opening new accounts and borrowing money in your name. Freezing your credit does not prevent the use of any existing credit cards or bank accounts. Freezing your credit may be done quickly online or by contacting the three major credit bureaus by phone:

Experian1-888-397-3742www.experian.com/freeze

Equifax1-800-685-1111www.equifax.com/personal/credit-report-services/credit-freeze/

TransUnion(888) 909-8872www.transunion.com/credit-freeze

Please also request and review your credit report from these agencies to look for suspicious activity.

2. Change All Passwords

As an additional precaution, consider changing all passwords for online accounts (examples: banking, social media, and healthcare portals) in the event your personal data was used to access these accounts. Utilize multi-factor authentication when able. Learn more about password protection at www.CISA.gov.

3. Protect Your Tax Refund and Returns with the Internal Revenue Service

To prevent someone else from filing returns or receiving your federal tax refund, request an “Identity Protection Pin” from the Internal Revenue Service by signing up at: https://www.irs.gov/identity-theft-fraud-scams/get-an-identity-protection-pin or calling the IRS at 1-800-829-1040.

4. Check your Social Security Benefits

All individuals who are eligible, applied for, and/or are receiving social security benefits (including disability), please consider registering for a ssa.gov account at https://www.ssa.gov/myaccount/ to stop others from stealing your benefits. If you suspect Social Security fraud, call the Office of Inspector General hotline at 1-800-269-0271, Social Security Administration at 1-800-772-1213 or file a complaint online at oig.ssa.gov.

5. Report Suspected Identity Theft

If you suspect any abnormal activity involving your data, including financial information, contact the Federal Trade Commission at 1-877-FTC-HELP or visit www.ReportFraud.FTC.gov immediately.

The State of Louisiana will be issuing additional information in the coming days. Additional tips on protecting your data and identity can be found at nextsteps.la.gov and www.IdentityTheft.gov.

Click here to report a typo.

Copyright 2023 WAFB. All rights reserved.