Crooks may use your name and SSN to buy cars that they sell overseas.
By their very nature, job application and recruiting company hold large amounts of sensitive information of job-seeking individuals. And just like any other organization, they can – and most likely will – be targeted for data breaches. Unfortunately, a number of agencies across the country were hit with a data breach in March that may have left many Americans vulnerable to identity theft.
The largest of these incidents affected a web-based platform that connected job seekers and employers in a number of states. America’s JobLink Alliance (AJLA) reported last year, that it had been attacked by hackers who exploited a vulnerability in its code to access buckets of sensitive information for people in almost 10 states. Those states potentially include Alabama, Arizona, Arkansas, Delaware, Idaho, Illinois, Kansas, Maine, Oklahoma and Vermont. The information exposed included names, dates of birth and Social Security Numbers.
More details of the breach
The incident began in February, when a hacker created an account on the AJLA website and used misconfigured code to see potentially massive amounts of personal information, the company said. Eventually, the activity prompted error messages within the AJLA system in March, and the problem was identified and fixed two days later. The firm quickly contacted law enforcement about the issue and said it is in the process of notifying potential victims, as long as they have valid email addresses on file.
Currently, AJLA does not have any evidence that the accessed information has been used for any type of fraud yet, though that doesn’t mean issues like SSN theft are any less likely. The company did take action, alerting potential victims so they can take personal security precautions, like signing up for identity theft protection.
Another potentially huge breach
The U.S. Department of Education and the Internal Revenue Service recently shut down a tool for people who want to apply for federal student financial aid out of fear that it could have resulted in a data-related vulnerability, according to a joint release by the agencies. Specifically, the tool allowed students and parents to automatically download tax return information, and about 5.2 million people used the application from 2014 to 2015.
“The scope of the issue is being explored, and the IRS and FSA are jointly investigating the issue,” the DOE and IRS announced in March “At this point, we believe the issue is relatively isolated, and no additional action is needed by taxpayers or people using these applications.”
The tool is now available to be used again, but there has been no announcement if any records were exposed.
Taking more steps
The good news is that the vast majority of states nationwide have protections in place for consumers and businesses affected by data breaches, including rules governing how people should be notified when these problems arise. New Mexico recently became the 48th state to define these rules, according to Bank Info Security. Only South Dakota and Alabama still don’t have any breach notification rules in place.
With all these issues in mind, it’s vital that you try to stay vigilant about the threats you face and learn more about how you can increase your protections, even when dealing with government agencies. Sign up for Identity Guard today and be proactive in protecting your identity.