Personal data used in COVID-19 unemployment claims exposed in default


Thousands of Social Security numbers were reportedly exposed.

Angela Lang / CNET

For the most up-to-date news and information on the coronavirus pandemic, visit the WHO website.

The personal data of the people who seek coronavirusUnemployment-related benefits were exposed over the weekend, the Ohio Department of Job and Family Services (ODJFS) confirmed Wednesday. Deloitte, who administers the program, notified ODJFS that approximately a dozen people were able to view the data of other claimants in that state. The data reportedly included thousands of Social Security numbers and addresses.

Deloitte fixed the problem in an hour, ODJFS said, with the department contacting those who accidentally had access to the data of others.

In a response Friday, Deloitte said "a unique circumstance" allowed three dozen jobseekers in Colorado, Illinois and Ohio to see the details of others.

"We are deeply committed to protecting the personal information of our customers and the people they serve," added a Deloitte spokesperson. "The systems were not hacked or externally violated."

"Although there is no evidence of a widespread data commitment, Deloitte is offering credit monitoring to all applicants (Pandemic Unemployment Assistance) for 12 months," ODJFS said.

On Thursday, Ohio residents filed lawsuits against Deloitte for handling their data, alleging negligence and poor security practices that led to the exposure. The lawsuits, filed in federal court in Manhattan and state court in Ohio, were previously reported by Bloomberg.

Those seeking unemployment benefits in Colorado were also affected, the state Department of Labor and Employment confirmed Friday. "On Saturday, May 16, we were notified of a limited and intermittent data access problem in which a handful of people within the new Colorado Pandemic Unemployment Assistance application were able to accidentally view the correspondence of other claimants," said the department in a statement sent by email. "Deloitte worked quickly once unauthorized access was identified and resolved the problem within one hour."

Exposure is the latest headache for jobless applicants during the coronavirus pandemic. Others who have applied have found that they are victims of identity theft, and that someone else has already claimed benefits on your behalf, according to complaints to the FTC. On Saturday, cybersecurity writer Brian Krebs reported that the US Secret Service. USA Had issued a warning about a Nigerian criminal network Stolen Social Security numbers to apply for unemployment benefits.

The Illinois Department of Employment Security did not immediately respond to a request for comment.


Please enter your comment!
Please enter your name here