The job seeker functionality of America’s Joblink Alliance was compromised by malicious software. Analysts are still working to uncover the exact details of which accounts, if any, were compromised. However, chances are that important personal details were stolen from these accounts, including names and social security numbers.
Luckily, not all account users had social security numbers listed in their accounts.
The Joblink system is considered to be a standalone system unlinked to any other systems in the State of Vermont, even though nine other states are using it. It is unknown whether the malicious software was maliciously inserted into the system or if this is just an unintentional introduction that came as a result of a jobseeker who had an infected computer.
The system has now been fixed, and the company is working together with RSA, a third-party vendor, to perform the forensic analysis. After the system was fixed, the Vermont Department of Labour was notified, which is working closely with America’s Joblink Alliance to notify all affected individuals.
Even though it remains unclear what personal data had been extracted, if any, those who were affected are advised to keep monitoring their bank account statements. Vermont law states that these individuals are entitled to receive a free copy of their report every twelve months.
Should any suspicious activity be spotted, it is important to notify the bank or credit company immediately. Apart from that, it is recommended to report any issues to the local law enforcement office as well.