Idaho Department of Labor Gets Hacked
(Redoubt News) – On March 21, 2017, it was confirmed that about 170,000 of the Idaho Department of Labor’s 530,000 job-seeker accounts were compromised by a hacking incident on March 12-13 involving America’s Job Link, a Kansas-based, multi-state system that operates the department’s IdahoWorks job search engine.
America’s Job Link (AJL) has informed the Idaho Department of Labor that a system modification implemented last fall allowed a vulnerability in the system that was exploited earlier this month.
An investigation into the accessed accounts revealed an individual with unauthorized access could see the name, date of birth and Social Security numbers of affected job seekers.
The Department of Labor is sending direct notification, via email or regular mail, to all IdahoWorks customers whose accounts may have been compromised.
AJL provides job search services to ten states. A total of 4.8 million accounts within the AJL system are believed to have been compromised. Other state systems affected include Alabama, Arizona, Arkansas, Delaware, Illinois, Kansas, Maine, Oklahoma and Vermont.
The matter is under criminal investigation by law enforcement.
An independent forensic firm hired by America’s Job Link Alliance-Technical Support estimated that 170,000 Idaho-based accounts may have been viewed. According to the forensic firm, the code vulnerability that allowed the unauthorized access has since been eliminated.
The affected accounts were in the system from 2011 to March 14, 2017. Job seeker accounts created prior to March 14, 2017 are potentially affected. If you have not used the system since Jan. 1, 2011, you need not worry as those records were purged from the system long ago. Idaho accounts created on and after March 14, 2017 were not affected.