The Washington state Department of Licensing has disclosed a potential data breach that may have exposed the details of about 250,000 professional licenses.

The department is fairly vague on what was involved, saying only in a statement that it became aware of suspicious activity involving professional and occupational license data during the week of Jan. 24. Along with launching an investigation with the assistance of the Washington Office of Cybersecurity, DOL also shut down its Professional Online Licensing and Regulatory Information System as a precaution.

Outside its POLARIS system, the department said it has no indication that any other DOL data was affected. The POLARIS system stores information about license holders and applicants. That data may include social security numbers, dates of birth, driver license numbers and other personally-identifying information.

In a statement reported Feb. 4 by The Seattle Times, a spokesperson for DOL said that the agency is unsure of whether the breach resulted in stolen data or of the number of professionals who might be affected by the suspicious activity.

According to the Associated Press, the shutdown of the POLARIS system is said to be causing problems for some professionals and firms that need to apply for, renew or modify their licensing. Licenses issued by the department cover 39 businesses and professions, including cosmetology, real estate brokers, bail bondsmen, architects and driver training school instructors.

The department is advising those who may be affected by the potential data breach to remain vigilant, consider placing a fraud alert or security freeze on their credit file and to report suspicious activity.

Without any official disclosure from the department, the form of attack is pure speculation. That the department chose to shut down POLARIS rather the system being forced offline would indicate that a ransomware attack was likely not involved.

The possible theft of data could be state-sponsored, it could be a hacking group stealing the data because it can, or it could be a group planning to threaten publishing the data if a payment is not made.

Attacks on government agencies are reasonably common, such as with an attack that targeted Austin, Texas, in 2020.

Image: Open Clipart