Here’s why Louisiana wants residents to change passwords after OMV hack — and how to do it | News

/in


After a massive data breach exposed at least 6 million Louisiana Office of Motor Vehicles records, state officials are recommending anyone who holds a Louisiana drivers license change all of their passwords. 

That’s a huge undertaking for most people, but digital security experts say it’s a recommendation worth following for the millions of Louisianans whose personal information, including social security number and drivers license data, is exposed on the internet. 

Why should you change your passwords?

The personal information exposed in the OMV hack has the potential to arm someone with everything they need to access an online account except for the password, said Abe Baggili, an LSU professor and cybersecurity expert. 

Many online services ask users to fill out security questions about personal details as a way to confirm someone’s identity during a password reset. The OMV hack exposed enough information that a hacker could now answer those questions or figure out the answers, Baggili said. 

A hacker with access to the leaked personal information could also now craft an extremely sophisticated phishing email in an attempt to steal usernames, passwords, credit card numbers and other data, Baggili said. 

“You fall victim to this because it looks super legitimate, it looks like it’s coming from the right place and it looks like they have enough information about you to make it believable that they know who you are,” Baggili said.

How should you change your passwords?

The solution is fairly simple and is something people should probably already be doing, Baggili said. 

“We live in an age where at this point and time a password manager is essential,” Baggili said. 

Password managers secure all your passwords in one place, can alert you if a password has been leaked anywhere online and can allow you to quickly and easily change passwords to be more secure. Many internet browsers offer password managers built in to the browser, but a dedicated, seperate password manager are considered more secure.

Source…