Vendor to offer protection to those affected by fishing and hunting licenses hack

Well, from reading news coverage, I knew this was coming, but here’s the official announcement: ACTIVEOutdoors, the vendor involved in the hack of several states’ hunting and fishing license sites, will be offering two years of credit monitoring services to people in three states. Here is their announcement:

ACTIVEOutdoors announced today that on August 22, 2016, it became aware that it was the victim of an unauthorized and unlawful access to certain information in the state online hunting and fishing applications that ACTIVEOutdoors operates on behalf of the states of IdahoOregon, and Washington. The ACTIVEOutdoors team immediately began an investigation in coordination with the impacted states, and within a few hours had released an update to those applications to address the reported threat.

As an additional protective measure, ACTIVEOutdoors engaged a top-tier cybersecurity firm to conduct an independent review. That review confirmed that the incident was successfully addressed and was isolated to those three states with respect to hunting and fishing accounts that were created prior to July 2006 for Washington customers, and July 2007 for Idaho and Oregon customers. Importantly, no credit card or financial information was involved, and ACTIVEOutdoors is not aware of any fraud associated with this incident. No other system or property of ACTIVEOutdoors or its related businesses were impacted by this incident.

For persons who applied for or purchased hunting and fishing licenses in the impacted states during this timeframe, it has been determined that name, address, date of birth, and driver’s license number were potentially accessed for Oregon and Washington customers. Additionally, full Social Security numbers may have been accessed for customers who applied for or purchased Idaho hunting and fishing licenses prior to July 2007.

ACTIVEOutdoors is committed to working with the state agencies and law enforcement in their ongoing investigation of the incident.

Letters to those potentially impacted by the incident will be mailed beginning on Monday September 19, 2016. These letters include an explanation of the incident, an offer of two years of free identity protection and restoration services, and information about additional ways impacted individuals can protect themselves.

Consumers should note that under no circumstances will ACTIVEOutdoors or the three impacted states call you or send you a message and ask for your personal information in connection with this incident. You should not provide personal information to anyone who calls you or sends you a message about this incident.

To Learn More

ACTIVEOutdoors has established a website, which will be available starting on Monday September 19, 2016 at 9am CDT, where people can check to see whether their information was potentially impacted, receive instructions on how to access identity protection and restoration services, and receive tips to protect against identity theft. The website address is https://activeoutdoors.allclearid.com.

About the author: Dissent