The February breach of the Oregon Secretary of State’s website cost taxpayers about $176,662, including about $4,500 for meals and lodging to allow employees to work through a snowstorm. The breach was detected Feb. 4 and knocked the agency’s elections and business registry databases offline for nearly three weeks. The largest expense — about $72,450 — went to Virtual Security Research for “vulnerability testing,” according to cost figures obtained by The Oregonian through a public records request.
The firm was hired Feb. 13 to review security measures at an initial cost of up to $18,000, agency spokesman Tony Green said Feb. 21.
The next-largest expense — almost $47,000 — came from staff overtime. An additional $26,000 was spent on a second firm, ID Experts, to set up a call center to notify and work with affected users. An estimated $20,000 went to Vulnerability Management Tool and $6,800 to Dell Marketing for additional computer services.