Multi-State Job Matching Website Hacked

  • Multi-State Job Matching Website Hacked

Multi-State Job Matching Website Hacked

She said the state has temporarily deactivated the crosslink between Maine's unemployment system databases and the Maine JobLink website that used Social Security numbers to link records in the two systems.

Officials with America's JobLink, a multi-state web-based system, confirmed that a malicious third party "hacker" exploited a vulnerability in the AJL application code to view job-seeker's names, Social Security Numbers, and dates of birth.

Prior to outsourcing, the department paid $650,000 to the state Office of Information Technology to maintain the job bank and case management systems during the 2015 fiscal year, which ended June 30, 2016. The threat has been contained and the hacker's access to all AJL systems has been disabled. As soon as they became aware of it, they investigated it and were able to terminate the hacker.

"Our customers' personal information is something we value", said Fitzgerald Washington, Secretary of the Alabama Department of Labor.

"We are in the process of identifying all of those individuals who have been compromised and they will receive an email notification from us letting them know about that status".

At a news conference Thursday, Labor Commissioner Lindsay Kurrle said state officials were reviewing the contract with AJLA to determine whether the company had violated terms by not purging old data from the system, therefore exposing more accounts to a risk of compromise. At that point, all 10 states were awaiting the results of a forensic analysis by a firm hired by AJLA, with the support of the Federal Bureau of Investigation. Freezing your credit will not affect your credit score.

The AJLA suggests that those concerned for their privacy (which should be everyone who has an account) should monitor their credit reports with the three major rating agencies: Equifax, Experian and TransUnion.

The IRS Identity Protection Specialized Unit can also give help at 1-800-908-4490 or visit www.identitytheft.gov/databreach for additional follow-up steps.