Maryland Department of Labor exposes information of 78,000 users in a data breach.

On July 5, 2019, the Maryland Department of Labor (DoL) revealed in a press release that its database was accessed by unauthorized users. Sensitive information of around 78,000 customers stored in the department's database was affected in the breach.

Nature of the affected information

The files stored on the Literacy Works Information System (LWIS) and an unemployment insurance service database were compromised. The LWIS files from 2009, 2010, and 2014 contained the first names, last names, Social Security numbers, dates of birth, cities or counties of residence, graduation dates, and record numbers of users. The 2013 unemployment insurance service database contained the first names, last names, and Social Security numbers of users.

What are the investigation's findings?

As soon as the attack was detected, Maryland DoL contacted both law enforcement and the Maryland Department of IT; it also hired an independent cybersecurity expert to assist with the investigations. It was revealed that even though the breach occurred, there is no evidence suggesting that data was downloaded from the databases. With the help of the security team, they reviewed and strengthened the existing security protocols to prevent similar attacks in the future.

What are they doing post-attack?

Maryland DoL is in the process of notifying the affected individuals regarding the breach and advising them to monitor their accounts for any suspicious activity. The affected users will receive two years of free credit monitoring services. 

Maryland DoL is not the first government agency to fall victim to a cybersecuity incident. If you want to avoid cybersecurity disasters like these, investing in a comprehensive SIEM solution like Log360 is key.Download a 30-day, free trial to start combating internal and external security attacks now.