America’s JobLink (AJL) system affected by security incident.
As if trying to find a job online isn’t stressful enough, new reports of a multi-state employment website data breach have surfaced. Residents in 10 states – Alabama, Arizona, Arkansas, Delaware, Idaho, Illinois, Kansas, Maine, Oklahoma, and Vermont – may have had their personal data compromised through the America’s JobLink Alliance portal, exposing what is believed to be more than 4.8 million Americans’ identities.
America’s JobLink Alliance is used to not only coordinate unemployment benefits, it also serves as a site to help citizens discover employment opportunities. There’s also a feature that allows employers to post their job vacancies with the hopes of filling those positions.
Unfortunately, as with any data breach, the investigation is churning along quite slowly. The additional obstacle is in the different states’ stakes in it. One state may have only had 100,000 people targeted, while another can have five times that number. Different legislation in different states also means the notification to affected victims can happen very quickly or very slowly, and possibly not at all depending on what information was compromised.
Lack of consistency
As of yesterday, one state has told its citizens that there’s no news on what information was accessed, while another state has already said Social Security numbers were breached and those individuals will be notified by email immediately. The lack of consistency in the state-by-state legislation means that some victims are already aware of the event and can take action, while others are still in the dark about someone stealing their personal data. Some states have yet to notify their victims, while others have already urged victims to enact a “fraud alert” on their credit reports.
One of the interesting trends in identity theft and data breaches is in the industries that are targeted. In 2016, it was the year of the medical facility, as hospitals and doctors’ offices around the US suffered data breaches and ransomware attacks. Schools quickly followed suit, as did tax payer services, largely due to the abundance of data they collect and the typically poor security protocols they use to protect it. Now, there’s a shift to labor services, again, possibly due to the overwhelming amount of personal information that job applicants must provide.