Published by VT Digger, March 22, 2017, reported by Anne Galloway:
The Vermont Department of Labor reported a security breach on Tuesday evening.
A third party vendor, America’s Joblink Alliance, which operates a nationwide web-based database called Joblink, notified the state that the job seeker service had been compromised by malicious software. Joblink is used by nine other states.
The scope of the breach has not yet been determined.
Joblink was not tied to any other State of Vermont systems.
The systematic breach was designed to extract data from Joblink, according to a press release from the Labor Department.
It is unknown whether the malware was deliberately used to infect the system or if it was unintentionally introduced by a jobseeker with an infected computer, officials said.
The system has been fixed and is now secure. America’s Joblink Alliance is evaluating the scope of the breach. The company has hired a third-party vendor, RSA, to perform a forensic analysis. In addition, Joblink is working with the Federal Bureau of Investigation.
At this time, analysts do not known which accounts were compromised. Private information such as names and Social Security numbers could have been extracted.