The Florida Department of Economic Opportunity said this week that it recently learned of a “data security incident” that potentially exposed the personal information belonging to nearly 58,000 accounts on the state’s unemployment insurance system.
The breach, which officials said was detected July 16, involved potentially fraudulent activity after malicious actors targeted accounts on the state’s claim system, known as CONNECT. In total, 57,920 claimants’ accounts were targeted by what the department referred to as an “unauthorized party” over a nearly three-month period that began April 27.
No other malicious activity detected on any of the agency’s internal systems, the department said.
But officials said the actors behind the incident may have accessed a wide range of the targeted claimants’ personal information, including Social Security numbers, driver’s license
The Department of Economic Opportunity has not published anything on its main website about the breach, but officials said they have been notifying the affected individuals, in addition to tightening security controls. The department said affected accounts have been locked, that it notified major consumer credit reporting agencies and purchased a year’s worth of identity protection services for impacted individuals.
State unemployment systems nationwide have struggled constantly since the start of the COVID-19 pandemic in March 2020, with attempts to steal credentials and commit fraud running losses into the billions of dollars. A January report from the security firm Recorded Future found that within days of the creation of pandemic unemployment assistance programs, online criminal marketplaces filled up with activity aimed at ripping off state programs.