DDOL Responds to Jobseeker Site Breach
Department of Labor | News | Date Posted: Wednesday, March 22, 2017
Department of Labor | News | Date Posted: Wednesday, March 22, 2017
Updated, March 23, 2017 – A list of Frequently Asked Questions is being maintained on the DDOL website.
Wilmington – March 22, 2017 America’s JobLink (AJL) web-based system that links job seekers with employers in Delaware and nine other states was hacked by a malicious third party last week.
Approximately 253,420 Delaware JobLink users dating back to 2007 may potentially be impacted, including 200,201 of these users whose names, dates of birth and social security numbers were potentially breached.
Initial reports showed no evidence that Delaware’s JobLink system was part of the breach; however, this afternoon, the Delaware Department of Labor and Division of Employment & Training learned that, in fact, Delaware JobLink data had been breached.
“We are extremely troubled by this reprehensible act and have begun the process of ensuring the personal information associated with the users of the Delaware JobLink website is secured and protected,” said Patrice Gilliam-Johnson, Secretary of the Delaware Department of Labor. “We are working both closely and diligently with AJL to arrange a formal notification of this breach to all those impacted and are in the process of setting up a call center to assist us in remedying this matter.”
Upon suspecting malicious activity last week, AJL hired an independent forensic firm and brought in the FBI to investigate the breach, which was discovered three weeks after a hacker created a job seeker account in an AJL system.
The hacker then exploited a vulnerability in the application code to gain unauthorized access to certain information of other job seekers. This vulnerability has since been eliminated. This is the first such data breach in the 50-year history of AJL.
The DOL is working with the Delaware Department of Technology & Information on the notification to JobLink users and help setting up credit monitoring and fraud alerts. By next week, AJL will establish a toll-free number for impacted users to call for more information. In the meantime, Delaware JobLink users are encouraged to monitor credit reports with major credit reporting agencies listed below:
TransUnion
1 800 916-8800
PO Box 2000
Chester, PA 19022
www.transunion.com
Equifax
1 800 685-1111
PO Box 740241
Atlanta, GA 30374
www.equifax.com
Experian
1 888 397-3742
PO Box 2104
Allen, TX 75013
www.experian.com
Individuals may request a fraud alert and or a credit freeze on your file. They may also contact the IRS Identity Protection Specialized Unit at 1-800-908-4490. See identitytheft.gov/databreach for additional follow-up steps.
Keep up to date by receiving a daily digest email, around noon, of current news release posts from state agencies on news.delaware.gov.
Here you can subscribe to future news updates.
Department of Labor | News | Date Posted: Wednesday, March 22, 2017
Updated, March 23, 2017 – A list of Frequently Asked Questions is being maintained on the DDOL website.
Wilmington – March 22, 2017 America’s JobLink (AJL) web-based system that links job seekers with employers in Delaware and nine other states was hacked by a malicious third party last week.
Approximately 253,420 Delaware JobLink users dating back to 2007 may potentially be impacted, including 200,201 of these users whose names, dates of birth and social security numbers were potentially breached.
Initial reports showed no evidence that Delaware’s JobLink system was part of the breach; however, this afternoon, the Delaware Department of Labor and Division of Employment & Training learned that, in fact, Delaware JobLink data had been breached.
“We are extremely troubled by this reprehensible act and have begun the process of ensuring the personal information associated with the users of the Delaware JobLink website is secured and protected,” said Patrice Gilliam-Johnson, Secretary of the Delaware Department of Labor. “We are working both closely and diligently with AJL to arrange a formal notification of this breach to all those impacted and are in the process of setting up a call center to assist us in remedying this matter.”
Upon suspecting malicious activity last week, AJL hired an independent forensic firm and brought in the FBI to investigate the breach, which was discovered three weeks after a hacker created a job seeker account in an AJL system.
The hacker then exploited a vulnerability in the application code to gain unauthorized access to certain information of other job seekers. This vulnerability has since been eliminated. This is the first such data breach in the 50-year history of AJL.
The DOL is working with the Delaware Department of Technology & Information on the notification to JobLink users and help setting up credit monitoring and fraud alerts. By next week, AJL will establish a toll-free number for impacted users to call for more information. In the meantime, Delaware JobLink users are encouraged to monitor credit reports with major credit reporting agencies listed below:
TransUnion
1 800 916-8800
PO Box 2000
Chester, PA 19022
www.transunion.com
Equifax
1 800 685-1111
PO Box 740241
Atlanta, GA 30374
www.equifax.com
Experian
1 888 397-3742
PO Box 2104
Allen, TX 75013
www.experian.com
Individuals may request a fraud alert and or a credit freeze on your file. They may also contact the IRS Identity Protection Specialized Unit at 1-800-908-4490. See identitytheft.gov/databreach for additional follow-up steps.
Keep up to date by receiving a daily digest email, around noon, of current news release posts from state agencies on news.delaware.gov.
Here you can subscribe to future news updates.