Helpful Articles

Estimated 3.5 Million Impacted By Oregon Department of Transportation (ODOT) Data Breach

The Oregon Department of Transportation, also known as ODOT recently notified the public of a major data breach. According to an internal ODOT data breach investigation, they discovered the leak on June 2nd. The root cause was a wider breach in the MOVEit transfer protocol that Progress Software develops. Close to two weeks later, ODOT began sending out letters notifying victims that their names, addresses, ID card information, and part of their Social Security numbers had leaked. Many companies use the same software, and the ongoing MOVEit data breach investigation is still revealing the full scope of related breaches.

If either ODOT or Progress Software has sent you a letter, you should read it in detail to understand the risks you face. You should reach out and call the law firm of Console & Associates, P.C. at 866-778-5500 to schedule a free consultation or send us an email at and take your next steps.

To learn more about the Oregon Department of Transportation data breach, read our blog post here:

Insights From the ODOT Data Breach Investigation

The most recent source for the ODOT breach is a post on the website of the organization under the title “MOVEit Data Breach.” This post details that ODOT learned of the vulnerability in MOVEit, a software tool that many companies use for file transfer, on June 1st, 2023. In response, the organization acted to secure its systems, investigate the breach, and discover the scope of the attack.

By June 12th, the ODOT data breach investigation had been able to confirm the details and scope of the breach. The vulnerability had compromised the information of 3.5 million Oregon residents, including sensitive information. The breach did not affect all victims equally, but the type of data that hackers have accessed includes:

Name and address

State ID numbers, including drivers licenses

The last four digits of SSNs

By June 15th, ODOT had notified the public and begun sending out letters to affected individuals. If you’ve received such a letter, you should read it carefully and then reach out to an ODOT data breach lawyer.

More Information About Oregon Department of Transportation

The Oregon Department of Transportation has operated for more than a century, with a founding year of 1913. It’s the department of Oregon’s government that oversees all aspects of transportation, including bridges, roads, railways, as well as the public use of infrastructure. The organization has almost 5,000 employees and an annual revenue of more than $2 billion.

Call a Data Breach Lawyer

At the law firm of Console & Associates, P.C., our ODOT data breach lawyers are investigating the breach as well as other consequences from the MOVEit leak. If ODOT or another organization that uses Progress Software’s MOVEit tool has sent you a data breach letter, your identity could be at risk. Many institutions only ask for the last four digits of your SSN to verify your identity, so that leak is enough to put you at risk for identity theft.


If any oversight or error has contributed to this breach, you might be eligible for compensation for the risks and damages you could suffer. Schedule a free consultation by sending us an email at or by calling 866-778-5500, and we’ll guide you through this difficult situation and assess your legal options.

About the Author
Richard Console
Posted - 06/26/2023