Advertisement

Breach of Florida unemployment site affects nearly 58,000 accounts, state says

State officials said malicious actors may have accessed the personal information, including bank account numbers, of people who filed for unemployment payments.
Florida state capitol building
The Florida Capitol in Tallahassee. (Getty Images)

The Florida Department of Economic Opportunity said this week that it recently learned of a “data security incident” that potentially exposed the personal information belonging to nearly 58,000 accounts on the state’s unemployment insurance system.

The breach, which officials said was detected July 16, involved potentially fraudulent activity after malicious actors targeted accounts on the state’s claim system, known as CONNECT. In total, 57,920 claimants’ accounts were targeted by what the department referred to as an “unauthorized party” over a nearly three-month period that began April 27.

No other malicious activity detected on any of the agency’s internal systems, the department said.

But officials said the actors behind the incident may have accessed a wide range of the targeted claimants’ personal information, including Social Security numbers, driver’s license numbers, bank accounts, claim information, as well as addresses, phone numbers and dates of birth. Additionally, the malicious activity may have also compromised the credentials those individuals used to log into the CONNECT system, officials said.

Advertisement

The Department of Economic Opportunity has not published anything on its main website about the breach, but officials said they have been notifying the affected individuals, in addition to tightening security controls. The department said affected accounts have been locked, that it notified major consumer credit reporting agencies and purchased a year’s worth of identity protection services for impacted individuals.

State unemployment systems nationwide have struggled constantly since the start of the COVID-19 pandemic in March 2020, with attempts to steal credentials and commit fraud running losses into the billions of dollars. A January report from the security firm Recorded Future found that within days of the creation of pandemic unemployment assistance programs, online criminal marketplaces filled up with activity aimed at ripping off state programs.

Benjamin Freed

Written by Benjamin Freed

Benjamin Freed was the managing editor of StateScoop and EdScoop, covering cybersecurity issues affecting state and local governments across the country. He wrote extensively about ransomware, election security and the federal government’s role in assisting states and cities with information security.

Latest Podcasts