April 3, 2017 / PDF version
Dear Illinois Job Seeker:
On March 22, 2017, the Illinois Department of Employment Security (IDES) received confirmation that one of its vendors, America’s Job Link Alliance (AJLA), experienced a data breach. AJLA owns America’s JobLink (AJL), which is a multi-state web-based system that links job seekers with employers for 10 states, including Illinois. Illinois uses the AJL system as the platform for its Illinois JobLink website, which serves Illinois job seekers and employers. America’s Job Link Alliance - Technical Support (AJLA-TS) maintains the AJL system software.
The vulnerability that permitted the hack was not the result of any deficiency in software maintained by the State of Illinois.
IDES is attempting to individually notify each Illinois job seeker who was affected by the breach. If the job seeker provided an e-mail address when registering with the Illinois JobLink site, IDES will send the notice to the last e-mail address on file for the job seeker. For any affected job seeker who cannot be reached by e-mail, IDES will send a notice by U.S. Mail to the last address on file for the job seeker.
On March 14, 2017, AJLA-TS learned that a malicious third party “hacker” had exploited vulnerability in the AJL application code that could have permitted the hacker to access the names, social security numbers and dates of birth of job seekers in the AJL systems of ten states, including Illinois. AJLA-TS’s technical team, in combination with an independent forensic firm, disabled the hacker’s access to the system and remediated the vulnerability that had permitted the attack the same day. At present, AJLA has no reason to believe that anyone other than the individual hacker exploited the vulnerability. It was not clear whether the vulnerability resulted in actual unauthorized access to any data until AJLA communicated on March 22, 2017 its belief that a breach appeared to have occurred.
A technical team from the Illinois Department of Innovation and Technology (“DoIT”) is working with IDES, AJLA-TS, and the forensic firm to address the situation. AJLA also alerted the FBI, which is currently investigating the matter. On March 1, 2017 - before any vulnerability had been identified - the Illinois team instructed AJLA-TS to modify AJL to prevent anyone from being able to view a social security number on AJL screens. Per this instruction, that further precaution is in the process of being implemented.
At this point, there is no indication that any information has been misused. However, the breach creates a risk that someone might attempt to illegally use the information that was accessed. To guard against that risk, AJLA will provide affected job seekers with one year’s worth of credit monitoring at no cost. For affected job seekers who can be reached by e-mail, AJLA will send an e-mail with information on how to obtain the credit monitoring, including an activation code to permit them to sign up for the monitoring online, and additional information on how to protect against improper use of their information.
AJLA has set up a call center to answer questions and offer credit monitoring advice. Affected job seekers who do not receive an e-mail from AJLA can contact the call center to receive the activation code and other information on credit monitoring. The call center number is 844-469-3939.
The entities listed below can also provide information about fraud alerts and security freezes:
Questions or concerns regarding this matter should be directed to the AJLA call center at 844-469-3939.
# # #