Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Saturday May 23 2020, @03:38AM   Printer-friendly
from the good-fast-cheap:-pick...none? dept.

Four states warn unemployment benefits applicants about data leaks:

The breaches stem from two incidents in which states hired contractors to quickly implement the Pandemic Unemployment Assistance program, or PUA, a version of unemployment insurance for Americans who don't qualify for conventional unemployment benefits but are otherwise unable to work because of the pandemic.

[...] The first incident stems from Arkansas, which launched its PUA website May 5. A week and a half later, it was forced to temporarily take the website down and alert 33,000 initial applicants that they had been exposed to a "data security incident," said Alisha Curtis, a spokesperson for the state Commerce Department.

[...] According to The Arkansas Times, the state took those steps only after a programmer trying to file for unemployment noticed a vulnerability that exposed the Social Security numbers and banking information of people who had applied for the program.

A contract acquired by KATV-TV of Little Rock showed that the state had paid a local company, Protech Solutions, $3 million to create its PUA website in a span of three weeks. Protech didn't respond to a request for comment.

[...] The second incident stems from one vendor. Colorado, Illinois and Ohio all hired the international consulting company Deloitte to build their PUA websites, each of which launched last week. The states have since alerted residents of a potential data leak.

According to a video that Illinois state Rep. Terri Bryant posted to Facebook, a constituent who tried to register for PUA benefits stumbled across "multiple peoples' names, full Social Security numbers, addresses," physical addresses and correspondence with the state Employment Security Department.

[...] The states said Deloitte told each of them about a bug that gave some claimants access to others' personal information and said it fixed the issue within an hour. The company told Ohio that about two dozen of its residents were given such access, and it told Colorado that about six were, according to representatives of the states' labor departments.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Saturday May 23 2020, @03:43AM (3 children)

    by Anonymous Coward on Saturday May 23 2020, @03:43AM (#998062)

    So how much is it on the black market for the SSNs of 26 million unemployed people?

  • (Score: 3, Touché) by MostCynical on Saturday May 23 2020, @04:15AM (2 children)

    by MostCynical (2589) on Saturday May 23 2020, @04:15AM (#998064) Journal

    how is a Social Security Number still worth anything?
    Surely they are, by now, all public information?
    Does anyone in America have a 'secret' SSN?

    --
    "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
    • (Score: 1, Insightful) by Anonymous Coward on Saturday May 23 2020, @12:16PM (1 child)

      by Anonymous Coward on Saturday May 23 2020, @12:16PM (#998121)

      No. The SSN is not a secret, is not meant as a secret, and thinking it ever was a secret is foolish.

      • (Score: 0) by Anonymous Coward on Sunday May 24 2020, @12:54AM

        by Anonymous Coward on Sunday May 24 2020, @12:54AM (#998318)

        But it is being used as a secret by organizations with greater access to justice than you, so it is in your interest to keep it secret.