Maryland Department of Labor discloses a data breach

The recent announcement made by the Maryland Department of Labor affirms that a huge data of personally identifiable information (PII) was compromised in one of the recent hacks attempted at the department with the motive of attaining the same.

The security reach was aimed particularly on the Literacy Works Information System and a legacy unemployment insurance service database. As per the department, there is a high possibility that the attackers were successful in extracting information and may misused.

The statement says that “Earlier this year, at the request of the Maryland Department of Labor, the Maryland Department of Information Technology—the agency overseeing all state information technology functions and policies—initiated an investigation and determined that files stored on the Literacy Works Information System and a legacy unemployment insurance service database were subject to possible unauthorized access through the Internet.” reads the data breach notice published by the Maryland Department.

“Upon notification of the possibility of unauthorized access, Maryland DoIT implemented countermeasures and initiated an investigation.”

The hack enabled hackers to access files stored in the section of Literacy Works Information System dating back to 2009 to 2014. The compromised data include important personal information including first names, last names, and social security numbers. Though a plausibility of misuse of the hacked information was indicated as per the investigation, nothing as such have been noticed or reported.

As per the department-“While some personally identifiable information may have been accessed without authorization, a thorough investigation conducted by the Department has not revealed any misuse of the accessed data.”

As of now also, “To date, this investigation has not produced evidence to confirm that any personally identifiable information was downloaded or extracted from Labor server.”

Steps are been taken by Maryland DoIT to prevent such incidents happening and it has also been reported to law enforcement for the further investigation process.

A formal notification from the department has been sent to the impacted customers; potentially affected users have to carefully monitor their accounts. Though the number of affected parties has not been announced Maryland’s WMAR-2 estimates that 78,000 people may have been impacted due to this data breach attack.