The Oregon Judicial Department announced Thursday that the personal information of 6,607 people was exposed in a phishing attack last month.
The department said it’s sending notices and providing credit monitoring services to the people whose personal information was exposed.
The department said there’s no evidence that the information has been downloaded or misused. The exposed information varies by individual but may include names, dates of birth, social security numbers and financial account information.
The large-scale phishing attack occurred July 15, resulting in five OJD email accounts being compromised by a phishing link.
The attack did not affect any other OJD systems, such as the department’s case management system — only the information in the five employee email accounts.
Along with one year of credit monitoring service and identity theft recovery services, OJD is providing a $1 million insurance reimbursement policy. It has reported the breach to law enforcement.