The personal information of millions of job seekers across ten states was compromised when an attacker managed to exploit a vulnerability in the application code of the America’s Job Link Alliance division of the Kansas Department of Commerce.  

How many victims? 5.5 million personal user accounts were affected, plus an additional 805,000 accounts without Social Security numbers.

What type of information?  Social security numbers, names, and dates of birth.

What happened?  On Feb. 20, the threat actor opened a job seeker account in an America’s JobLink (AJL) system and exploited a misconfiguration in the application code to gain unauthorized access to other job seekers’ information. The threat actor displayed activity on the AJL systems in ten states: Alabama, Arkansas, Arizona, Delaware, Idaho, Illinois, Kansas, Maine, Oklahoma, and Vermont. Accounts created prior to March 14 were most likely affected.

What was the response?  Officials noticed unusual activity on March 12, and the misconfiguration was identified and patched on March 14. Those who were affected should have been notified by email within five to 10 business days from March 24. The agency contacted an independent security agency to investigate the incident and also contacted the Federal Bureau of Investigation. Up to a year of credit monitoring services is being offered to those who were affected.

Quote:  “You may contact the AJLA Response Center with additional questions about the incident at 844.469.3939,” according to an AJLA press release. “The Response Center’s hours are 8 am CDT until 8 pm CDT Monday through Friday. The Response Center can also assist you with determining your eligibility for credit monitoring as part of this incident.”

Source: America’s JobLink (AJL) press release, KCUR 89.3