Data Breach Alert: Poor website security puts untold number of Oklahomans at identity theft risk

Posted by Joe on April 17th, 2008

Thanks for visiting the NextAdvisor Daily blog. You may want to subscribe to our RSS feed.

A major security flaw in the Oklahoma Department of Corrections website reportedly exposed the personal information of tens of thousands of Oklahoma residents for a period of at least three years.

Because the publicly available website lacked basic security protocols anyone with basic programming knowledge, an Internet connection and a web browser could easily access detailed information within the Oklahoma DOC’s database. It is also possible that information could have been changed within the database without the departments knowledge.

One recent investigator was able to extract over ten thousand records, including social security numbers, from the website.

The security issue appears to be fixed, although the Oklahoma Department of Corrections has made no official announcements about the data breach itself.

We strongly suggest that any Oklahomans that believe they may have been impacted by this data breach should learn more about identity theft protection options. View our identity theft protection service guide to learn more.

• Data Breach Alert: 70,000 impacted in OSU server breach
• Data Breach Alert: Registration website exposes presidential primary voters to identity theft
• Is your state putting your identity at risk?
• Data Breach Alert: City website exposes firefighters personal information
• Data Breach Alert: Health insurer exposes personal information of 128,000 customers