- The Washington Times - Friday, March 24, 2017

Name, birthdates and Social Security numbers of millions of job seekers from 10 states recently became compromised as the result of a newly disclosed data breach revealed Wednesday.

The FBI has reportedly launched an investigation upon being notified this week of a recent breach suffered by America’s Job Link Alliance (AJLA), an online portal used to connect job seekers in several states with potential employers.

The portal was breached last month for the first time in its nearly 50-year history after an unauthorized party exploited a vulnerability in its online system, it said in a statement Wednesday.

“On February 20, 2017, a hacker created a job seeker account in an America’s JobLink (AJL) system. The hacker then exploited a misconfiguration in the application code to gain unauthorized access to certain information of other job seekers,” including users’ names, dates of birth and Social Security numbers, the statement said.

The misconfigured code was found and the issue fixed about three weeks later on March 14, the alliance said Wednesday. In the interim, however, AJLA said the hacker is believed to have compromised the data of job seekers from 10 states: Alabama, Arkansas, Arizona, Delaware, Idaho, Illinois, Kansas, Maine, Oklahoma and Vermont.

“This is appalling,” Vermont Gov. Phil Scott said Thursday. “And I know this will be incredibly burdensome to the tens and thousands of Vermonters who are impacted.”

An independent forensic firm is currently working to determine the scope of the breach, and law enforcement including the FBI is investigating the incident, AJLA said Wednesday. In the meantime, local reports indicate potentially millions of job seekers may have had their personal information compromised.

The Illinois Department of Employment Security told the state General Assembly that approximately 1.4 million Illinois job seekers may have been compromised, while Delaware’s Department of Labor said upwards of 250,000 if its own residents may be affected, including individuals who registered online dating back to 2007.

A representative for the Arkansas Department of Workforce Services said an estimated 19,000 residents there were affected, and Oklahoma has put its figure at over 430,000.

“If you’ve accessed the site, then you’re probably vulnerable,” Shelley Zumwalt, a spokeswoman for Gov. Mary Fallin, told The Oklahoman.

The alliance says its flagship JobLink platform acts as “a comprehensive, web-based workforce development system for job seekers, employers, training providers and workforce professionals.”

Nicole Randall, a spokeswoman for the Kansas Department of Commerce, said the state pays $440,000 each year for AJLA’s services, the Topeka-Capital Journal reported.

• Andrew Blake can be reached at ablake@washingtontimes.com.

Copyright © 2022 The Washington Times, LLC. Click here for reprint permission.

Please read our comment policy before commenting.

Click to Read More and View Comments

Click to Hide