America’s JobLink (AJL) recently suffered data breach due to hacking incident. It works with state governments to help job seekers with necessary information across the United States. As per the reports, hacker viewed the personal information of job seekers across 10 states.
Affected information includes the names, Social Security numbers and birthdates of job seekers in Alabama, Arizona, Arkansas, Delaware, Idaho, Illinois, Kansas, Maine, Oklahoma and Vermont. The incident has affected 4.8 million accounts.
After creating a new account hacker exploited a vulnerability to access data. Company is working with law enforcement. It has also contracted a forensic firm to determine the extent of breach.
“The firm has verified that the method of the hacker’s attack has been remediated and is no longer a threat to the AJLA-TS system,” AJL mentioned.
Lisa Baergen, director of marketing at NuData Security said that whenever personally identifiable information (PII) is involved, the stolen data can be cross-referenced with data from other breaches to present an even greater threat.
“As a society, we’ve reached the point where every organization entrusted with PII should be constantly testing and hardening its external and internal defenses, and embracing more proactive, effective levels of defense such as consumer behavior analytics solutions, which can constantly validate legitimate users — even when the stolen but accurate credentials are presented,” Baergen said. “That would be the best way to help prevent the sorts of deceitful transactions and identify theft that otherwise may lie ahead for these unfortunate JobLink victims.”
The recent surveys can be summarised as below. It shows the vulnerabilities present in the organizations:
- Sixty nine percent of respondents mentioned that some of their organization’s existing security solutions are outdated
- Ponemon Institute survey which was sponsored by Citrix mentioned that just 32 percent of respondents are confident that their employees’ devices are not providing criminals with access to their corporate networks and data
- Forty eight percent of respondents said their organization has security policies
- Thirty seven percent of respondents said their organization is highly effective in protecting sensitive data
Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.