A virus that infected computers throughout the Massachusetts unemployment system may have compromised the confidential information of job seekers and up to 1,200 Massachusetts employers, officials said this afternoon.
The breach may have exposed employer identification numbers, bank records, email addresses, and residential and business addresses, state officials reported today. Only employers that manually file could be impacted by the possible data breach.
The Massachusetts Executive Office of Labor and Workforce Development (EOLWD) said anyone who conducted business between April 19 and May 13 requiring that a staff person access personal files online should take precautions including putting a fraud alert on their credit report. Officials are in the process of individually notifying all residents who could be impacted and have advised all relevant and necessary state and federal agencies of the situation.
“We are doing everything possible to provide assistance in how to protect their identities and credit to those affected," said Joanne F. Goldstein, Secretary of Labor and Workforce Development.
"We take our customers privacy very seriously. Unfortunately, like many government and non-government organizations we were targeted by criminal hackers who penetrated our system with a new strain of a virus. All steps possible are being taken to avoid any future recurrence.”
EOLWD said the breach took place after the W32.QAKBOT virus infected approximately 1,500 computers at the Department of Unemployment Assistance, the Department of Career Services and One-Stop Career Centers. Businesses that file their quarterly statements manually (about 1,200 of 180,000) may have had identifying information transmitted through the virus.
Officials could not estimate the total number of individuals and businesses affected by the breach.
EOLWD has set up a hotline, 1-877-232-6200 that will be staffed starting today for the next two weeks.
The extended hours are listed below.
Tuesday, May 17 – Friday, May 20: 7:00 a.m. – 7:30 p.m.
Saturday, May 21: 8:00 a.m. – 1:30 p.m.
Monday, May 23 – Thursday, May 26: 7:00 a.m. – 7:30 p.m.
Friday, May 27: 7:00 a.m. – 5:00 p.m.
EOLWD’s website will also include information to help individuals take any necessary further steps. Individuals are urged to put a fraud alert, also called a credit freeze, on their credit reports so that no credit can be issued without the express consent of the individual. Instructions on how to do this can be found at http://1.usa.gov/jcLaDY