Data Breach Alert: Poor website security puts untold number of Oklahomans at identity theft risk

Posted by Joe on April 17th, 2008

A major security flaw in the Oklahoma Department of Corrections website reportedly exposed the personal information of tens of thousands of Oklahoma residents for a period of at least three years.

Because the publicly available website lacked basic security protocols anyone with basic programming knowledge, an Internet connection and a web browser could easily access detailed information within the Oklahoma DOC's database. It is also possible that information could have been changed within the database without the departments knowledge.

One recent investigator was able to extract over ten thousand records, including social security numbers, from the website.

The security issue appears to be fixed, although the Oklahoma Department of Corrections has made no official announcements about the data breach itself.

We strongly suggest that any Oklahomans that believe they may have been impacted by this data breach should learn more about identity theft protection options. View our identity theft protection service guide to learn more.

• Data Breach Alert: 70,000 impacted in OSU server breach
• Data Breach Alert: Registration website exposes presidential primary voters to identity theft
• TJ Maxx may have know about identity theft threat two months earlier than reported
• Data Breach Alert: College students receive social security numbers of classmates over email
• Data Breach Alert: Health insurer exposes personal information of 128,000 customers