<div dir="ltr"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><a href="http://www.totpi.com/topeka-data-firm-investigating-data-breach/">http://www.totpi.com/topeka-data-firm-investigating-data-breach/</a></div><div dir="ltr"><div><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><p>Hackers obtained personal data, including Social Security numbers and
birth dates, from a Topeka company that manages information services
for workforce agencies in 10 states, officials said Wednesday.<span id="gmail-more-39473"></span></p>
<p>America’s Job Link Alliance, a 50-year-old company, provides a
web-based system that links job seekers with employers for Kansas,
Alabama, Arizona, Arkansas, Delaware, Idaho, Illinois, Maine, Oklahoma
and Vermont, a press release said.</p>
<p>The hack occurred on March 21 and was discovered by America’s Job
Link Alliance Technical Support, the arm of AJL that serves as its
national information systems development and support center.</p>
<p>“AJLA–TS confirmed that a malicious third party ‘hacker’ exploited a
vulnerability in the AJL application code to view the names, Social
Security Numbers, and dates of birth of job seekers in the AJL systems
of up to ten states,” a company press release said. “AJLA–TS immediately
intervened and deployed its technical team to assess and stop the
incursion, disabling the hacker’s access to the AJL systems.”</p>
<p>The team fixed the vulnerability that allowed the attack and the data
is no longer accessible to the hacker, the company said. AJLA is
working with law enforcement officials to identify and apprehend the
hacker. “</p>
<p>An independent forensic firm is completing work to determine how many
job seeker accounts may have been viewed and where those individuals
are located,” the company release said.</p>
<p>America’s JobLink is one of three products that AJLA provides to
workforce organizations. According to the company website, the JobLink
services is an “all-in-one labor exchange and case management solution
for workforce development organizations” that has four sections,
JobLink, ServiceLink, ProviderLink and FiscalLink.</p>
<p>Other products developed and maintained by AJLA, including
ReportLink, a data management system, and CertLink, a Work Opportunity
Tax Credit management system, were not affected by the hack, the company
said.</p>
<p>Kansas officials could not be reached for comment regarding how many
Kansas job seekers or employers might be impacted by this data breach.</p>
<p>The Northwest Arkansas Democrat Gazette broke this story Tuesday,
based on an anonymous tip, and reported that Arkansas government
officials said a malicious virus was found in AJLA’s system and the FBI
is assisting with the investigation.</p>
<p>In Arkansas, the data of 19,000 job seekers was at risk, the
newspaper reported. It said that AJLA had been in contact with Arkansas’
Workforce Services, but quoted a spokesman who said, “It’s been
difficult to get answers out of them lately,” Guntharp said. “We’re
starting to grow impatient.”</p></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
</div>