|
Vendor Contracted by Illinois
Department of Employment Security Data Breached
Send a link to a friend
[March 27, 2017]
SPRINGFIELD
- The Illinois Department of Employment Security notified the
Illinois General Assembly of confirmation that one of its vendors
experienced a data breach affecting approximately 1.4 million
Illinois job seekers, according to the vendor’s current estimate.
The vulnerability was not the result of any deficiency in software
maintained by the State of Illinois and may have impacted ten
states.
|
|
 “The threat of cyber-crime is a clear and present danger to the
citizens of Illinois and our administration will continue pressing
forward with a comprehensive cybersecurity strategy,” Eleni
Demertzis, Spokeswoman for Governor Rauner. “We implore Comptroller
Mendoza to reevaluate her decision to hold up funding for this
important project, which everyday puts the people of Illinois at
risk.”
In the letter IDES wrote:
 On March 14, 2017, America’s Job Link Alliance - Technical Support (AJLA-TS)learned
that a malicious third party “hacker” had exploited vulnerability in
the AJL application code that could have permitted the hacker access
to the names, social security numbers and dates of birth of job
seekers in the AJL systems of ten states, including Illinois. At
present, AJLA has no reason to believe that anyone other than the
individual hacker exploited the vulnerability. It was not clear
whether the vulnerability resulted in actual unauthorized access to
any data until AJLA communicated on March 22, 2017 its belief that a
breach appeared to have occurred.
Incidents such as these further validate the benefits of an
enterprise approach to cybersecurity at the State of Illinois, as
announced by the Governor this week. Our strategy will strengthen
Illinois’ ability to prevent, identify and resolve security issues
for residents and State services.
[to top of second column] |
A technical team from the Illinois Department of Innovation and Technology is
working with IDES, AJLA-TS, and the forensic firm to address the situation. AJLA
also alerted the FBI, which is currently investigating the matter…
IDES is currently preparing notices to the affected job seekers…
The notices will also provide affected job seekers with toll-free numbers and
addresses for consumer reporting agencies; a toll-free number and a mailing and
website address for the Federal Trade Commission; information on the
availability of fraud alerts and security freezes; the toll-free number for a
call center that AJLA has set up, to answer questions and offer credit
monitoring advice; and an AJLA-maintained web address to which questions can
also be directed. AJLA will also make credit monitoring services available to
affected individuals. IDES is also evaluating its contract with AJLA to
determine its rights
[Office of the Governor Bruce Rauner]
 |
