State Labor Department Reports Data Breach
Anyone whose online file was manually accessed between April 19 and May 13 could be affected and the Executive Office of Labor and Workforce Development is advising anyone who believes they may have been affected to put a fraud alert, or credit freeze, on any access to their credit reports.
The 1,200 employers that manually file could also be affected by the data breach.
State officials say W32.QAKBOT virus, a new strain of a computer virus, was detected on April 20 and was believed to have been eradicated. On Monday, it was found the the virus was still active and the system was shut down. W32.QAKBOT may have infected as many as 1,500 computers housed in Departments of Unemployment Assistance and Career Services, including the computers at the One-Stop Career Centers.
A staff person would have had to key in sensitive information at an infected work station for the virus to access a personal file.
According to a statement from the agency, the possibility exists that as a result of the infection, the virus collected confidential claimant or employer information. This information may include names, Social Security numbers, Employer Identification Numbers, email addresses and residential or business addresses. It is possible that bank information of employers was also transmitted through the virus.
"I apologize to our customers and recognize that this is an unwanted problem. We are hopeful that the actual impact on residents and businesses is minimal. The breach is no longer active," Joanne F. Goldstein, secretary of labor, said in a statement. "We are in the process of individually notifying all residents whom we think could be impacted and have advised all relevant and necessary state and federal agencies of the situation."
The department is working with state and federal agencies; the attorney general's Cyber Crime Unit, the Office of Consumer Affairs and the Federal Bureau of Investigation are now involved. "We are coordinating with the attorney general to identify the perpetrators of this crime and to take the next steps to address their actions," stated Goldstein.
All unemployment claimants will receive letters advising them of the breach and the information on how they can further protect themselves. EOLWD has set up a hotline, 1-877-232-6200, that will be staffed starting Tuesday and for the next two weeks. The extended hours are listed below:
- Tuesday, May 17 – Friday, May 20: 7 a.m. – 7:30 p.m.
- Saturday, May 21: 8 a.m. – 1:30 p.m.
- Monday, May 23 – Thursday, May 26: 7 a.m. – 7:30 p.m.
- Friday, May 27: 7 a.m. – 5 p.m.