Whether it’s to gain fame or obtain a large amount of private data, threat actors often target government agencies. Recently, Florida’s Department of Economic Opportunity (DEO) revealed that it has sustained a data breach that targeted its unemployment benefits system, affecting over 57,920 claimant accounts. The security incident reportedly affected user accounts in the Reemployment Assistance Claims and Benefits Information System – CONNECT. While the attackers behind the data breach are unknown, the authorities at DEO have notified the affected users via email.
Threat actors allegedly accessed sensitive information from the CONNECT public claimant portal between April 27, 2021, and July 16, 2021. The exposed data in the breach include social security numbers, driver’s license numbers, bank account numbers, addresses, phone numbers, and birthdates. The attackers may also have obtained the PIN used to access the CONNECT account.
As a security precaution, DEO locked the CONNECT accounts and enhanced its authentication procedures and network security systems to defend against future threats. The department advised the affected users to monitor and report if they suspect any unauthorized activity in their credit accounts. The DEO is also offering identity protection services to the impacted users.
Repercussions of the Data Breach
Data leaks continue to impact organizations globally, affecting their customers with various security risks. Adversaries often leverage leaked data to launch different phishing attacks and commit identity thefts, financial frauds, and other online frauds. The affected users are urged to stay vigilant and avoid responding to an unknown email/text communication or click/download any URLs from unknown sources.
80 U.S. Municipalities Suffered Breach
The DEO data breach comes on the heels after WizCaze uncovered a data breach that affected the residents of over 100 U.S. cities that used a product from PeopleGIS. Over 1,000 GB of data and over 1.6 million files were held in 80 misconfigured Amazon S3 buckets. As per the investigation, the data breach affected users in over 100 U.S. cities that used “mapsonline.net” from the web service provider- PeopleGIS. Read More Here…