By Julia Shumway
Oregon’s Department of Motor Vehicles has suffered another breakdown: Its cameras stopped working for a few days, preventing the agency from issuing IDs and driver’s licenses.
The system was down from midday last Wednesday to midday Friday and then stopped working for a time on Monday, said spokeswoman Michelle Godfrey.
“The outage prevented us from performing credential transactions that required a photo (to) be taken, but we continued all other transactions,” she said.
She said it took the vendor – Veridos Identity Solutions – those two days to get the systems running again by adding memory to process data. When photos are taken at the DMV, the system compares the current photo with any previous ones to prevent fraud. The breakdown affected all 60 DMV offices throughout the state, and as many as 7,000 people were unable to obtain an ID card or driver’s license because of the breakdown, Godfrey said.
Agency officials initially gave customers passes to come back when the system was working and skip to the front of the line, but that soon became untenable as the outage dragged on, Godfrey said. The agency rescheduled appointments and issued 30-day temporary permits when possible. The agency did not issue a release about the breakdown but posted yellow signs on “many office doors” to alert the public and told them to return when the signs were taken down, Godfrey said.
This is not the first such breakdown of the system, which the first DMV offices began using in 2018, but past outages have only lasted 30 to 45 minutes, Godfrey said.
She said the problem was not related to the massive data breach last month. DMV announced on June 15 – 15 days after discovering the breach – that hackers had gained access to personal information of those with ID cards and driver’s licenses. Godfrey said Tuesday the agency has no way of knowing how many people were affected. The agency estimated last month that hackers may have obtained information about 3.5 million Oregonians, or about 90% of those with state-issued ID cards or driver’s licenses. The breach included personal information such as birthdate, home address and physical characteristics, potentially enabling the hackers to apply for credit cards, loans or unemployment insurance using the information.
The hackers gained access to DMV data through a vulnerability in a software program, MOVEit, that enables the transfer of large files. No other agency in Oregon uses the program, and it is not used by government agencies in Washington, Idaho or Montana. But Louisiana’s DMV, which used MOVEit, also suffered a data breach, with 6 million records compromised. And the U.S. Department of Energy was hacked through MOVEit as well, Reuters reported.
This story first appeared in the Oregon Capital Chronicle.
