Deadline approaching for dealing with UCR data breach

November 8, 2019

Land Line Staff

|

If you were affected by the Unified Carrier Registration data breach earlier this year, time is running out for you to take action to protect your identity.

Businesses organized as a limited-liability corporation have until next Saturday, Nov. 16, to contact UCR to sign up for identity theft protection for an individual who had their tax identification or Social Security number exposed during a data breach in March.

Companies that are organized as a sole proprietorship have until Jan. 16 to contact UCR for assistance with the breach. Approximately 23,000 carriers may have provided a Social Security number as a tax ID. About 12,000 organizations and 11,000 sole proprietors were potentially affected.

Tamara Young with OOIDA’s Permits and Licensing Department says the company has hired cyber security firm Kroll Information Assurance LLC to help provide identity protection services to anyone affected by the breach. UCR has sent letters to those who were affected.

“At this point, just make sure you keep an eye on your identity, your credit,” Young said in an interview with Land Line Now. “If you see you’re affected by this in any way, please make sure to contact the UCR.”

Last month, the agency reported a vulnerability in its system that from March 1 through March 28 caused a UCR registrant’s tax ID number to display in the status bar of the web browser of the receipt created when registering in the system.

UCR says it submitted a list of approximately 30,000 at-risk registrants to the Federal Motor Carrier Safety Administration for further assistance. UCR requested the agency run those entries through the Motor Carrier Management Information System database to determine the number of registrants who may have used a Social Security number as a tax ID number.

UCR says it is individually notifying those carriers about the data vulnerability and has mailed offers for identity monitoring services to the affected carriers. The UCR’s statement on the data breach says there is “no further risk of tax ID number exposure” and no indication that a “mass export of tax ID numbers occurred” during the period in question.

Young says organizations or owner-operators with an LLC or corporation have until Nov. 16 to contact the UCR to give them the names of those whose data may have been exposed. Individuals with sole proprietorship have until Jan. 16 to contact the UCR. The e-mail address is privacy@legal.UCR.gov, or contact Kroll Information Assurance at 877-300-6816.

News Anchor Terry Scruton contributed to this report.

 

Related News

FMCSA

Federal

FMCSA moves toward new registration system

The Federal Motor Carrier Safety Administration took steps to create a new registration system. It published a notice Friday, April 19.

By Mark Schremmer | April 19

Broker

Federal

FMCSA grants TIA’s petition on training for brokers

FMCSA has granted a petition from the Transportation Intermediaries Association regarding training requirements for brokers.

By Mark Schremmer | April 19

FMCSA

Federal

FMCSA denies Florida agency’s exemption from CDL testing rules

FMCSA has denied a Florida agency’s request for an exemption from regulations that require the CDL skills tests be completed in succession.

By Mark Schremmer | April 18

FMCSA

Federal

FMCSA’s Safety Research Forum open for registration

The Federal Motor Carrier Safety Administration will have its annual Safety Research Forum later this month. It is open to the public.

By Mark Schremmer | April 17