Washington state agency discloses data breach impacting hundreds of thousands of licensed professionals
The Washington Department of Licensing (DOL) said in a press release late Friday night that it suffered a security breach of its IT system and that the personal data of hundreds of thousands of licensed professionals may have been exposed.
The breach occurred during the week of January 24 and impacted POLARIS, an online web-based database where the agency stores information on licensed professionals such as drivers, accountants, lawyers, bail bonds agents, funeral directors, home inspectors, notaries, and others.
"The type of information varies for different licenses and may include social security numbers, dates of birth, driver license numbers, and other personally identifying information," the agency said on Friday.
DOL officials said they are still investigating the incident but plan to notify all those who had their data accessed in the breach, which they currently described only as "suspicious activity."
The size of the breach remains unclear, but a local Seattle newspaper said that POLARIS stores data of more than 257,000 licensed professionals and applications; across 23 job categories.
If the agency confirms the breach, the stolen data could be a boon for online criminals, who would most likely put the information to good use for IRS tax fraud schemes—especially since the tax-filing season is around the corner.
Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.