Ohioans’ personal info exposed in pandemic unemployment data breach, ODJFS says

A data breach has affected Brunswick County Schools employees who participated in one of its...
A data breach has affected Brunswick County Schools employees who participated in one of its benefits plans, the school system announced Friday.(Pixabay)
Updated: May. 20, 2020 at 4:11 PM EDT
Email This Link
Share on Pinterest
Share on LinkedIn

COLUMBUS, Ohio (FOX19) - The personal information of Ohioans receiving pandemic unemployment assistance was recently exposed to a data breach, according to Ohio Department of Jobs and Family Services.

The information reportedly included names, Social Security numbers and street addresses.

ODJFS acknowledged what it described as the “data issue” in a release sent out Wednesday afternoon.

The department says Deloitte Consulting notified it last weekend that around two-dozen people were able “to view other PUA claimants’ correspondence.”

Deloitte Consulting is under contract to administer the PUA program.

The release does not clearly state whether those two-dozen people were ODJFS employees, Deloitte employees or claimants themselves, but seems to imply the latter.

It also does not state how many claimants were affected.

In its release, ODJFS says the people had “accidental access to the system data.”

In a letter to a claimant affected by the breach, ODJFS says the claimant’s “name, Social Security number, and street address pertaining to your application for and receipt of unemployment compensation benefits inadvertently had the capability to be viewed by other unemployment claimants.”

The letter, which was reviewed by FOX19 NOW, continues: “At this time, there is no evidence or indication to believe that your personal information was improperly used; therefore, our actions, as well as the actions you may want to consider, are preventative.”

The letter lays out precautions the claimant can take, including credit monitoring through a credit report bureau.

Deloitte is offering credit monitoring to all PUA claimants for 12 months, according to ODJFS.

ODJFS says Deloitte fixed the breach within an hour, and the department contacted those affected with letters similar to the one referenced above.

“ODJFS holds the confidentiality of claimant data in the highest regard and agreed with the immediate steps Deloitte took to prevent any unauthorized PUA access in the future," the department’s release read.

Copyright 2020 WXIX. All rights reserved.