Expert Commentary: Data Breach In State’s New PUA Unemployment System Exposes Some Claimants’ Personal Info

A data breach for the Illinois’ new system to process unemployment claims for contractors and gig workers exposed personal information for potentially thousands of people, but state officials said the error was fixed within an hour of learning of the issue. The Illinois Department of Employment Security confirmed one person who has filed claim for benefits through the Pandemic Unemployment Assistance program was able to access personal information for “a limited number of claimants” on Friday. Illinois State Rep. Terri Bryant (R-Murphysboro) said a constituent in her district made her aware of the data breach, after inadvertently accessing a spreadsheet with names and personal information for thousands of unemployment applicants. IDES said the problem was fixed within an hour of being notified.

Experts Comments

May 19, 2020
Mark Bower
Senior Vice President
comforte AG
All indications are that this was an accidental software issue, but such incidents can be the cause of massive breaches of trust as well as data. Given the critical need for data security for businesses and people in stressed economic times, organizations establishing new services should really take a look at more modern, snap-in data tokenization technology to modernize their approach to data collection. When storing critically sensitive data, security and privacy must always be at the front .....Read More
All indications are that this was an accidental software issue, but such incidents can be the cause of massive breaches of trust as well as data. Given the critical need for data security for businesses and people in stressed economic times, organizations establishing new services should really take a look at more modern, snap-in data tokenization technology to modernize their approach to data collection. When storing critically sensitive data, security and privacy must always be at the front of the discussion. While the issue in this particular breach was reportedly rectified in an hour, that is still long enough for dangerous criminals to steal troves of valuable personal information and leverage it for their own monetary gain - either by selling it on the dark web or conducting identity fraud. No matter what the reason is behind this particular data exposure, this incident surely points out that any kind of data could be at risk and at any given time. Therefore, more must be done to consider data protection and privacy at the earliest point of entry into databases, files, and other stored areas, as to minimise exposures of all sizes  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts