Millions of Social Security Numbers of Job Seekers From 10 States Hacked in Kansas Department of Commerce Breach

Just how many Social Security numbers were exposed in the Kansas Department of Commerce breach?

Over 5.5 million.

That’s right. Hackers who breached the system in March hit the payload, according to this Associated Press story posted by the Chicago Tribune,  which reports the criminals  gained “access to more than 5.5 million Social Security numbers in 10 states, along with another 805,000 accounts that didn’t include the Social Security numbers, according to records obtained from the agency.”

If your Social Security number was compromised, you’re at much higher risk of having your identity stolen. Sign-up for an annual subscription and when identity theft happens to you, LibertyID gets you everything back with fully-managed identity theft restoration. There’s no limit to the time or money we will spend restoring your identity to pre-event status.

Aside from Kansas, other affected states include:

  • Arkansas,
  • Arizona,
  • Delaware,
  • Idaho,
  • Maine,
  • Oklahoma,
  • Vermont,
  • Alabama and
  • Illinois.

The data is from websites that help people find jobs, like kansasworks.com. America’s Job Link Alliance discovered the suspicious activity on March 12. We wrote about that here.

A statement from America’s JobLink Alliance explained the incident as such:

On February 20, 2017, a hacker created a job seeker account in an America’s JobLink (AJL) system. The hacker then exploited a misconfiguration in the application code to gain unauthorized access to certain information of other job seekers. This misconfiguration has since been eliminated.”

At the time news of the breach broke, it was unclear how many total records were compromised. It took an open records request to get the info.

The department has sent out about 260,000 emails to victims, but hasn’t contacted all of them because it doesn’t have their email addresses. According to the department, Kansas law does not require that victims are notified via postal mail or telephone. That means the majority of victims have no idea they’re now at an increased risk for identity theft.

If you are notified of a breach, you are 11 times more likely to be a victim of identity fraud than those who are not notified, according to the 2017 Identity Fraud Study by Javelin Strategy & Research.

Data breaches that involve Social Security numbers are considered the most egregious because of all the things someone can do with your Social Security number. If an identity thief gets a hold of your Social Security number, they can use it to open up bank accounts and sign up for credit cards, which they quickly max out and leave you hanging with the bill.

This is where LibertyID can help. Our success rate for restoring stolen identities is 100 percent, often within just 30-45 days. As a LibertyID subscriber, if something happens, all you have to do is contact us and our army of trained specialists go to work immediately to restore your identity to its pre-event status.

 


Have you been a victim of a data breach?
Get Covered

Image: Pixabay