Delaware News


DDOL Continues Responding to Jobseeker Site Breach

News | Date Posted: Friday, March 24, 2017



Original Press Release
A list of Frequently Asked Questions is being maintained on the DDOL website.

Wilmington – March 23, 2017 In addition to sharing the news of the Job Link data breach via mainstream and social media, copies of the FAQ have been made available to the public and placed in prominent areas of our four offices across the state.

“Working through this issue continues to be the Department of Labor’s top priority,” said DOL Secretary Patrice Gilliam-Johnson. “We want to be clear that we are taking the matter very seriously and are working hard on behalf of our JobLink users to rectify this. We will continue to keep the public informed with pertinent information as it becomes available.”

America’s JobLink (AJL), a web-based system that links job seekers with employers in Delaware and nine other states, was hacked by a malicious third party last week.

Approximately 253,420 Delaware JobLink users dating back to 2007 may be affected, including 200,201 of these users whose names, dates of birth and social security numbers may have been breached. Initial reports showed no evidence that Delaware’s JobLink system was part of the breach.

However, on the afternoon of March 22 the Delaware Department of Labor’s Division of Employment & Training learned that, in fact, Delaware JobLink data had been breached.

Delaware has very strict contractual agreements with AJLA that we demanded to protect and secure sensitive public information. There are 12 contractual conditions AJL was required to agree and adhere to as the vendor and host of the JobLink site. These conditions include:

  • State retains Data Ownership
  • Data physically resides in the United States, including backups and Disaster Recovery locations (alternative sites established for continuity of operations in the event of a disaster)
  • Disaster Recovery locations
  • In the event of a breach, the Vendor is liable for all response and recovery costs: 3-year credit monitoring, call center, communication, breach website
  • Upon contract termination, Vendor is responsible for the orderly return of data and secure disposal

The DDOL encourages job seekers to remain vigilant with respect to reviewing bank, credit card, and debit card account statements and report any suspicious activity to your bank or credit company.

By next week, AJL will establish a toll-free number for impacted users to call for more information. In the meantime, Delaware JobLink users are encouraged to monitor credit reports with major credit reporting agencies listed below:

TransUnion
1 800 916-8800
PO Box 2000
Chester, PA 19022
www.transunion.com

Equifax
1 800 685-1111
PO Box 740241
Atlanta, GA 30374
www.equifax.com

Experian
1 888 397-3742
PO Box 2104
Allen, TX 75013
www.experian.com

Individuals may request a fraud alert and or a credit freeze on your file. They may also contact the IRS Identity Protection Specialized Unit at 1-800-908-4490. See identitytheft.gov/databreach for additional follow-up steps.

image_printPrint


Graphic that represents delaware news on a mobile phone

Keep up to date by receiving a daily digest email, around noon, of current news release posts from state agencies on news.delaware.gov.

Here you can subscribe to future news updates.

DDOL Continues Responding to Jobseeker Site Breach

News | Date Posted: Friday, March 24, 2017



Original Press Release
A list of Frequently Asked Questions is being maintained on the DDOL website.

Wilmington – March 23, 2017 In addition to sharing the news of the Job Link data breach via mainstream and social media, copies of the FAQ have been made available to the public and placed in prominent areas of our four offices across the state.

“Working through this issue continues to be the Department of Labor’s top priority,” said DOL Secretary Patrice Gilliam-Johnson. “We want to be clear that we are taking the matter very seriously and are working hard on behalf of our JobLink users to rectify this. We will continue to keep the public informed with pertinent information as it becomes available.”

America’s JobLink (AJL), a web-based system that links job seekers with employers in Delaware and nine other states, was hacked by a malicious third party last week.

Approximately 253,420 Delaware JobLink users dating back to 2007 may be affected, including 200,201 of these users whose names, dates of birth and social security numbers may have been breached. Initial reports showed no evidence that Delaware’s JobLink system was part of the breach.

However, on the afternoon of March 22 the Delaware Department of Labor’s Division of Employment & Training learned that, in fact, Delaware JobLink data had been breached.

Delaware has very strict contractual agreements with AJLA that we demanded to protect and secure sensitive public information. There are 12 contractual conditions AJL was required to agree and adhere to as the vendor and host of the JobLink site. These conditions include:

  • State retains Data Ownership
  • Data physically resides in the United States, including backups and Disaster Recovery locations (alternative sites established for continuity of operations in the event of a disaster)
  • Disaster Recovery locations
  • In the event of a breach, the Vendor is liable for all response and recovery costs: 3-year credit monitoring, call center, communication, breach website
  • Upon contract termination, Vendor is responsible for the orderly return of data and secure disposal

The DDOL encourages job seekers to remain vigilant with respect to reviewing bank, credit card, and debit card account statements and report any suspicious activity to your bank or credit company.

By next week, AJL will establish a toll-free number for impacted users to call for more information. In the meantime, Delaware JobLink users are encouraged to monitor credit reports with major credit reporting agencies listed below:

TransUnion
1 800 916-8800
PO Box 2000
Chester, PA 19022
www.transunion.com

Equifax
1 800 685-1111
PO Box 740241
Atlanta, GA 30374
www.equifax.com

Experian
1 888 397-3742
PO Box 2104
Allen, TX 75013
www.experian.com

Individuals may request a fraud alert and or a credit freeze on your file. They may also contact the IRS Identity Protection Specialized Unit at 1-800-908-4490. See identitytheft.gov/databreach for additional follow-up steps.

image_printPrint


Graphic that represents delaware news on a mobile phone

Keep up to date by receiving a daily digest email, around noon, of current news release posts from state agencies on news.delaware.gov.

Here you can subscribe to future news updates.