[BreachExchange] Topeka Data Firm Investigating Data Breach

Inga Goddijn inga at riskbasedsecurity.com
Wed Mar 22 16:33:02 EDT 2017


http://www.totpi.com/topeka-data-firm-investigating-data-breach/

Hackers obtained personal data, including Social Security numbers and birth
dates, from a Topeka company that manages information services for
workforce agencies in 10 states, officials said Wednesday.

America’s Job Link Alliance, a 50-year-old company, provides a web-based
system that links job seekers with employers for Kansas, Alabama, Arizona,
Arkansas, Delaware, Idaho, Illinois, Maine, Oklahoma and Vermont, a press
release said.

The hack occurred on March 21 and was discovered by America’s Job Link
Alliance Technical Support, the arm of AJL that serves as its national
information systems development and support center.

“AJLA–TS confirmed that a malicious third party ‘hacker’ exploited a
vulnerability in the AJL application code to view the names, Social
Security Numbers, and dates of birth of job seekers in the AJL systems of
up to ten states,” a company press release said. “AJLA–TS immediately
intervened and deployed its technical team to assess and stop the
incursion, disabling the hacker’s access to the AJL systems.”

The team fixed the vulnerability that allowed the attack and the data is no
longer accessible to the hacker, the company said. AJLA is working with law
enforcement officials to identify and apprehend the hacker.

“An independent forensic firm is completing work to determine how many job
seeker accounts may have been viewed and where those individuals are
located,” the company release said.

America’s JobLink is one of three products that AJLA provides to workforce
organizations. According to the company website, the JobLink service is an
“all-in-one labor exchange and case management solution for workforce
development organizations” that has four sections, JobLink, ServiceLink,
ProviderLink and FiscalLink.

Other products developed and maintained by AJLA, including ReportLink, a
data management system, and CertLink, a Work Opportunity Tax Credit
management system, were not affected by the hack, the company said.

Kansas officials could not be reached for comment regarding how many Kansas
job seekers or employers might be impacted by this data breach.

The Northwest Arkansas Democrat Gazette broke this story Tuesday, based on
an anonymous tip, and reported that Arkansas government officials said a
malicious virus was found in AJLA’s system and the FBI is assisting with
the investigation.

In Arkansas, the data of 19,000 job seekers was at risk, the newspaper
reported. It said that AJLA had been in contact with Arkansas’ Workforce
Services, but quoted a spokesman who said, “It’s been difficult to get
answers out of them lately,” Guntharp said. “We’re starting to grow
impatient.”