Updated March 28, 2017 13:00

America Job Link Alliance Data Breach Frequently Asked Questions

See also: Call center open for JobLink users impacted by data breach

Q: What happened?

America’s JobLink (AJL) web-based system that links job seekers with employers in Delaware and nine other states was hacked by a malicious third party last week. Approximately 253,420 Delaware JobLink users dating back to 2007 may be affected, including 200,201 of these users whose names, dates of birth and social security numbers may have been breached. Initial reports showed no evidence that Delaware’s JobLink system was part of the breach. However, on the afternoon of March 22 the Delaware Department of Labor’s Division of Employment & Training learned that, in fact, Delaware JobLink data had been breached.

Q: What personally identifiable information was the hacker able to see?

The personally identifiable information included users’ names, dates of birth, and Social Security numbers.

Q: What help is available to me now?

We have partnered with Equifax® to provide its Equifax Credit Watch™ Silver identity theft protection product for three years at no cost to you. Delaware insisted on three years of free credit reporting and we are honoring that agreement. If you choose to take advantage of Credit Watch™ Silver, Equifax will provide you with a notification of any changes to your credit information, up to $25,000 Identity Fraud Expense Coverage, and access to your credit report. Keep in mind; you must complete the enrollment process within 90 days.

Q: Is a social security number required to use Delaware JobLink?

If an individual creates a job seeker account on their own, creates a resume, searches for work and uses our self-service tools such as career lattices, they do not need to provide a SSN. Federal reporting requirements, however, do require the user's SSN at the time that Delaware Department of Labor staff provide services, including training and coordination with other DOL services. Social Security numbers are also required for all unemployment claimants who register with JobLink in order for the office to track that they have complied with their obligations to register/seek work.

Q: Which states were affected?

The hacker was found to have been in the AJL systems of ten states: Alabama, Arkansas, Arizona, Delaware, Idaho, Illinois, Kansas, Maine, Oklahoma, and Vermont.

Q: Is the JobLink site now safe to use?

The vulnerability was identified and eliminated on March 14 and no longer poses a threat to the AJL systems.

Q: Is law enforcement involved?

Yes. AJLA–TS contacted law enforcement immediately and is currently working with the FBI to identify and apprehend the hacker.

Q: How did this happen?

On February 20, 2017, a hacker created a job seeker account in an America’s JobLink (AJL) system. The hacker then exploited a vulnerability in the application code to gain unauthorized access to certain information of other job seekers. This vulnerability has since been eliminated. America’s Job Link Alliance–Technical Support (ALJA–TS) first noticed unusual activity in AJL via system error messages on March 12. AJLA–TS immediately notified law enforcement, retained an independent forensic firm to investigate the cause and scope of the activity, and secured the application code.

Q: Was a virus involved?

No. This incident did not involve a virus or any other form of malware.

Q: If AJLA–TS knew about this incident on March 12, why am I only learning about this now?

Before releasing a public announcement, it was important that AJLA–TS identify the vulnerability and eliminate it from the system. The forensic firm’s analysis required the review of a significant amount of system data. This analysis was needed to confirm that the hacker had actually accessed individuals’ information, so as not to unnecessarily alarm affected individuals. Finally, it was critically important that any announcement not interfere with law enforcement’s investigation.

Q: What now and how can I protect myself from identity theft?

While we do not have evidence that your information was misused, job seekers should remain vigilant with respect to reviewing bank, credit card, and debit card account statements and report any suspicious activity to your bank or credit company. By next week, AJL will establish a toll-free number for impacted users to call for more information. In the meantime, Delaware JobLink users are encouraged to monitor credit reports with major credit reporting agencies listed below:

TransUnion 1 800 916-8800 PO Box 2000 Chester, PA 19022 www.transunion.com

Equifax 1 800 685-1111 PO Box 740241 Atlanta, GA 30374 www.equifax.com

Experian 1 888 397-3742 PO Box 2104 Allen, TX 75013 www.experian.com

Individuals may request a fraud alert and or a credit freeze on your file. They may also contact the IRS Identity Protection Specialized Unit at 1-800-908-4490. See identitytheft.gov/databreach for additional follow-up steps.

If you believe a fraudulent return may have been filed using your information please contact the Delaware Division of Revenue at 1-800-292-7826 or 302-856-5358 or visit our website at www.revenue.delaware.gov for more information regarding identity theft.

Department of Labor