State unemployment agency confirms data breach

 
By Peter Hancock
Capitol News Illinois
phancock@capitolnewsillinois.com
Updated 5/18/2020 5:16 PM

SPRINGFIELD -- The Illinois Department of Employment Security has confirmed that a new online portal that processes claims for federal Pandemic Unemployment Assistance briefly allowed public access to applicants' personal information including Social Security numbers.

The system, which went online May 11, is a federal program that provides unemployment benefits to gig workers and other independent contractors who are not normally covered by regular unemployment insurance.

                                                                                                                                                                                                                       
 

The data breach was first made public Saturday when state Rep. Terri Bryant, a Murphysboro Republican, said in a news release that she had been alerted to the issue by a constituent the previous day.

"Through a series of just two clicks, this constituent stumbled upon the personal information of thousands of unemployment applicants on the IDES website," Bryant said. "This came up in a spreadsheet with thousands of names containing sensitive information. The information she was able to access included the name, address, Social Security number, and unemployment claimant ID number of thousands of people."

In a statement Monday, the Illinois Department of Employment Security said its analysis found that one claimant had "inadvertently" accessed personal data for a limited number of claimants.

"That claimant notified the department of the issue and within an hour, it was corrected to prevent any future unauthorized access," the agency said.

by signing up you agree to our terms of service
                                                                                                                                                                                                                       
 

The state contracted with the international business services company Deloitte to build and maintain the web-based portal. The Illinois Department of Employment Security said it is now working with the company to run a "full-scale investigation" into the problem while conducting additional tests to prevent any future data breaches. It also said it is working to notify affected individuals and will release the analysis of its investigation once it's completed.

Asked about the issue during his daily COVID-19 briefing Monday in Chicago, Gov. J.B. Pritzker said similar issues have occurred elsewhere in the public and private sectors but that the state and Deloitte were working to resolve the problem.

"This, as you know, has happened in large corporations and other aspects of other governments around the United States, and we don't like it happening here," Pritzker said. "Deloitte, which built that system, and obviously the glitch that was in there is something that was a result of the work that was done to build it, but they are offering credit reporting for all of those who are affected by it to make sure that they can monitor their credit in case there's any problem they may undergo."

Meanwhile, the Illinois Department of Employment Security still encourages people covered by the program to continue filing for benefits through the PUA portal. The agency said more than 50,000 claims have been processed through the system so far. The program provides up to 39 weeks' worth of benefits for qualifying workers who have COVID-19-related claims.

People with questions or who need help with unemployment benefits are encouraged to visit IDES.Illinois.gov.

0 Comments
                                                                                                                                                                                                                       
 
Article Comments ()
Guidelines: Keep it civil and on topic; no profanity, vulgarity, slurs or personal attacks. People who harass others or joke about tragedies will be blocked. If a comment violates these standards or our terms of service, click the X in the upper right corner of the comment box. To find our more, read our FAQ.