Serviceteam IT Security News
A data breach at the Ohio Department of Job and Family Services (ODJFS) has exposed the personal data of Pandemic Unemployment Assistance (PUA) claimants.

Personal information including names, Social Security numbers, home addresses, and claim receipts was exposed to other claimants due to a security vulnerability detected by Deloitte Consulting on May 15. Deloitte is the technology vendor for PUA systems in several states, including Ohio.

“A unique circumstance enabled about two dozen Pandemic Unemployment Assistance claimants to inadvertently access a restricted page when logged into the state’s PUA website,” Deloitte said in the statement.

In a breach notification email sent to PUA claimants on May 20, ODJFS said the breach was fixed within one hour of discovery.

The department stated: “Over the weekend, Deloitte notified ODJFS that about two dozen individuals inadvertently had the capability to view other PUA claimants’ correspondence.”

According to the department there is no evidence to suggest that any “widespread data compromise” had occurred.

More than 161,000 Ohioans have applied for unemployment assistance offered in the wake of COVID-19. ODJFS has not revealed how many of these claimants were affected by the data breach.

Perhaps tellingly, every single Ohioan who has claimed PUA is being offered free credit monitoring by Deloitte Consulting for 12 months.

“A unique circumstance enabled about two dozen Pandemic Unemployment Assistance claimants to inadvertently access a restricted page when logged into the state’s PUA website,” Deloitte said in the statement. “Within an hour of learning of this issue, we identified the cause and stopped the unauthorized access to prevent additional occurrences.

Frustrated claimants, some of whom are still waiting to receive financial assistance under the PUA program, reported the breach on social media.

ODJFS said action had been taken to ensure that the data breach was a one-off.

The department stated: “ODJFS holds the confidentiality of claimant data in the highest regard and agreed with the immediate steps Deloitte took to prevent any unauthorized PUA access in the future.”

Unemployment claims in Ohio since the start of the coronavirus crisis passed the 1 million mark at the end of April, putting pressure on an archaic system.

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!