ORLANDO, Fla. — "Malicious actors" may have stolen personal information, such as social security and bank account numbers, in a data breach of Florida's beleaguered unemployment benefits system, the state's Department of Economic Opportunity said Friday.
What You Need To Know
- Personal information may have been stolen from DEO between April 27 and July 16, it said
- DEO said it locked accounts, improved PIN security controls and enhanced security systems
- About 58,000 claimant accounts were targeted, the agency says
- RELATED: Your Florida unemployment system questions, answered
The agency announced the data breach in a letter sent to impacted people Friday. It said 57,920 claimant accounts were targeted.
The letter said “malicious actors” may have stolen personal information over a more than month-long period between April 27 and July 16. DEO said the breach was discovered July 16.
DEO DATA BREACH: Awaiting further details from DEO about the extent of this.— Greg Angel (@NewsGuyGreg) July 23, 2021
Several people forwarded this email, which says DEO detected a data breach on July 16.
Fraud continues to be one reason claims are taking so long to be processed. pic.twitter.com/83SZCYa8Br
“Information contained in your claimant account may have been accessed, including the following: Social Security Number, driver’s license number, bank account numbers, claim information, and other personal details, such as address, phone number, and date of birth,” the DEO letter states. “In addition, the malicious actors may have acquired the PIN you use to access your CONNECT account.”
CONNECT is the database that people use to file unemployment benefits.
DEO said it proactively locked accounts, improved PIN security controls and enhanced network security systems.
DEO recommends those who received the letter to closely watch credit accounts.
We recommend you monitor your financial accounts, and if you see any unauthorized activity, promptly contact your financial institution. You may also contact the Federal Trade Commission (FTC) by calling 1-877-ID-THEFT (1-877-438-4338) or online at www.ftccomplaintassistant.gov/
You also may want to contact the three U.S. credit reporting agencies (Equifax, Experian and TransUnion) to obtain a free credit report from each by calling 1-877-322-8228 or by logging onto www.annualcreditreport.com.
Additionally, DEO has purchased a year’s subscription of LifeLock’s identity protection services on your behalf. LifeLock will be providing you with a notification through mail in the coming days, which will explain the services that you will receive. LifeLock will also be providing call center services that you may utilize in the event you have questions about this notice.
You may call LifeLock’s call center at 1-866-918-3797.
Fraud remains an ongoing problem for states like Florida, with some estimates saying fraudsters may have gotten away with more than $400 billion with fraudulent claims filed across the U.S.
Friday’s announcement is the closet DEO has come to answering Spectrum News’ questions about the volume of fraud.
Multiple people have expressed to Spectrum News issues with new unemployment claims not being able to be filed due to existing fraud; hackers using stolen information to file fraudulent claims.
Some of those people tell Spectrum News that although they appreciate DEO’s actions, they’re concerned about staffing.
“The Reemployment Assistance program currently has 22 staff members dedicated to investigating Reemployment Assistance Fraud,” DEO said in a statement to Spectrum News. “This does not include other areas within the Department, such as the Office of Inspector General, that also investigates Reemployment Assistance fraud. Additionally, it also does not include external entities; such as federal state, and local law enforcement that assists the Department in Reemployment Assistance fraud investigation.”
Before Friday’s announcement of a data breach, DEO previously told Spectrum News:
"Fraud detection and research is ongoing at the Department, and we continue to look for additional ways to mitigate instances of Reemployment Assistance fraud and protect Floridians’ identities. Recently, the Department implemented a fraud prevention measure that prevents claimants from changing their banking information and their email address within CONNECT to help mitigate instances of accounts being hacked. Claimants may find instructions on how to change this information through CONNECT. Claimants are always encouraged to verify that their account information, such as their contact information and bank account information, is accurate and up to date each time they access their account. Claimants should also make sure to verify any suspicious emails or phone calls to make sure they are official correspondences and to mitigate instances of Reemployment Assistance fraud or identity theft on their end.”