Hunting and fishing license holders in Idaho, Oregon, Washington and Kentucky were put on notice regarding a computer hack that halted online license sales in the four states earlier in the week.
A hacker, referring to himself as Mr. High, boasted of accessing the personal information of upwards of 6.5 million people in the states listed above, but authorities are still unsure as to whether or not the hacker actually downloaded any of the information.
Data including vital personal information such as names, addresses, dates of birth, driver’s license numbers, partial social security numbers, email addresses, phone numbers, height, weight and hair color was apparently obtained by the hacker.
The breach, affecting 2.4 million people in Washington, 2.1 million people in Kentucky, 1.2 million people in Oregon and 788,000 in Idaho has undoubtedly caught the attention of both the FBI and the Department of Homeland Security.
Authorities and administrators on the state level have been busy evaluating possible access points the hacker may have used to access the information. Idaho’s chief technology officer, Greg Zickau believes this breach was due in part to a weakness in the front end of the licensing sites, using a relatively simple computer script to both access the millions of user records and, at the same time, cover his tracks by concealing his internet address.
This is not the first time Idaho’s system has come under attack, Zickau said, citing numerous attempts at website defacements, ransomware and denial of service attacks.
“We’re constantly being scanned, and relatively constantly under some level of attack with varying levels of success,” Zickau told the Post Register.
In the meantime, license sales are still being conducted through businesses and independent locations that sell licenses and over the phone, which is the only alternative at this point for out-of-state hunters.