Arkansas JobLink Has Been Affected By A Security Incident.
Arkansas JobLink has been affected by a security incident. Between 3/2/2017 and 3/14/2017, individual job seeker account information including name, date of birth, and Social Security number may have been accessed by an unauthorized user. Additional details about the incident and how to protect your information can be found here or call the AJLA Response Center at (844) 469-3939.
"Law enforcement was immediately notified and an independent forensic firm was retained to investigate the cause and scope of the malicious activity. This investigation revealed that by exploiting a code misconfiguration, the hacker was able to see the name, date-of-birth, and social security numbers of affected job seekers accounts," the department wrote in a statement.
The breach affected 597,214 Arkansans, but only about 100,000 have been notified because they had valid emails.
Little Rock based tech company Aristotle does not host or manage the workforce website and was not involved in the cyber attack, but their president Elizabeth Bowles is an expert in the field and says the state does have a law about security breach notifications.
"It requires reporting under certain circumstances and in certain ways and email is sufficient if the breach is over 500,000 people or it costs more than $250,000 dollars to accomplish by other means." Bowles said.
"It's important the state do its due diligence to ensure those third party servers are secure and those third parties can be trusted," she said.
The threat of a future breach has been eliminated according to a statement from the Dept. of Workforce Services. Those who had their information on the website are encouraged to monitor their accounts and credit reports.
"Law enforcement was immediately notified and an independent forensic firm was retained to investigate the cause and scope of the malicious activity. This investigation revealed that by exploiting a code misconfiguration, the hacker was able to see the name, date-of-birth, and social security numbers of affected job seekers accounts," the department wrote in a statement.
The breach affected 597,214 Arkansans, but only about 100,000 have been notified because they had valid emails.
Little Rock based tech company Aristotle does not host or manage the workforce website and was not involved in the cyber attack, but their president Elizabeth Bowles is an expert in the field and says the state does have a law about security breach notifications.
"It requires reporting under certain circumstances and in certain ways and email is sufficient if the breach is over 500,000 people or it costs more than $250,000 dollars to accomplish by other means." Bowles said.
"It's important the state do its due diligence to ensure those third party servers are secure and those third parties can be trusted," she said.
The threat of a future breach has been eliminated according to a statement from the Dept. of Workforce Services. Those who had their information on the website are encouraged to monitor their accounts and credit reports.