Department of Administrative Services hacked

The state’s metadata was breached.

Share this article!


Gov. Kate Brown announced Thursday that the metadata of the Department of Administrative Services was breached.

Personal information wasn’t compromised, Brown said in a Statesman Journal article. 

Brown said in the statement: “Although I have been assured that no personally identifying information was compromised, this incident causes me to have serious concerns about the integrity of state data.”

Portland Tribune reports:

The data breach occurred at a time when two top managers at the data center — Michael Rodgers, the acting director of the data center, and Technical Engineering Manager Marshall Wells — are on paid administrative leave pending a human resources investigation. The two men have been on leave since February and remained on leave Thursday, according to a DAS spokeswoman.

Auditors from the secretary of state’s office were already conducting a routine review of security at the data center when the breach occurred. They had identified vulnerabilities at the data center in a 2010 audit, but a March 2012 follow-up audit mostly gave the data center good marks for security.

The attack marks the third time Oregon has been targeted by hackers in the last 13 months.

Brown shuffled responsibilities in response to the hack.

The state’s chief information officer, Alex Pettit, will now take charge of the agency’s Enterprise Technology Services Division, who will work with the Legislature on how IT resources should be structured and funded, Brown said.

The state will also begin a process to find a management and organizational design expert to review IT standards, she said. The review will identify vulnerabilities and provide recommendations to fix them, Brown said.