Date Posted: Tuesday, March 28th, 2017
Categories: Department of Labor
WILMINGTON – A call center has been set up to provide assistance to impacted users of Delaware Job Link whose personal information may have been part of a data breach of the American JobLink (AJL) Alliance website two weeks ago.
Any past user of the Delaware JobLink website can access the call center by dialing (844) 469-3939 Monday through Friday from 9 a.m. EDT until 9 p.m. EDT.
“AJL is agreeing to 3 years of free credit reports for impacted Delaware JobLink users through Equifax,” said Department of Labor Secretary, Patrice Gilliam-Johnson. “Delaware JobLink users who call the toll-free number listed above will be given an access code to enroll in Equifax’s free credit report monitoring.”
Impacted users must enroll within the next 90 days, or by mid-June 2017. Equifax also will provide up to $25,000 in identify theft insurance.
Sometime between March 13, 2017 and March 14, 2017 the America’s JobLink web-based system that links job seekers with employers in Delaware and nine other states was hacked by a malicious third party last week.
Approximately 253,420 Delaware JobLink users dating back to 2007 may be impacted, including 200,201 of these users whose names, dates of birth and social security numbers were potentially breached.
Initial reports showed no evidence that Delaware’s JobLink system was part of the breach; however last week, the Delaware Department of Labor (DOL) and Division of Employment & Training learned that, in fact, Delaware JobLink data had been breached.
DOL staff immediately notified the public and launched its response plan to help impacted JobLink users.
As part of its response, AJL hired an independent forensic firm and brought in the FBI to investigate the breach, which was discovered three weeks after a hacker created a job seeker account in an AJL system. The hacker then exploited a vulnerability in the application code to gain unauthorized access to certain information of other job seekers. This vulnerability has since been eliminated.
This is the first such data breach in the 50-year history of AJL.
“We’re been working diligently to hold AJL accountable in keeping Delaware JobLink users informed and to ensuring their personal information exposed through this hack remains secure,” said Secretary Gilliam-Johnson. “We take very seriously the trust our clients put in us daily and will continue to do our
part to preserve that trust.”
Delaware has very strict contractual agreements with AJL that the state demanded to protect and secure sensitive public information.
Specifically, there are contractual conditions to which AJL was required to agree and adhere as the vendor and host of the JobLink site. One of those conditions is, in the event of a breach, AJL agrees to provide 3-year free credit monitoring, call center and communications about the breach.
In addition to contacting the AJL breach call center, Delaware JobLink users are encouraged to monitor credit reports with major credit reporting agencies listed below:
1 800 916-8800
PO Box 2000
Chester, PA 19022
1 800 685-1111
PO Box 740241
Atlanta, GA 30374
1 888 397-3742
PO Box 2104
Allen, TX 75013
Individuals may request a fraud alert and or a credit freeze on your file. They may also contact the IRS Identity Protection Specialized Unit at 1-800-908-4490. See identitytheft.gov/databreach for additional follow-up steps.
If you believe a fraudulent return may have been filed using your information please contact the Delaware Division of Revenue at 1-800-292-7826 or 302-856-5358 or visit our website at www.revenue.delaware.gov for more information regarding identity theft.
Built by the Government Information Center