Illinois, like many other states, has suffered a sudden privacy data breach as it scrambles to process unemployment claims.
State officials, directed by Gov. J.B. Pritzker, should own up to the extent of the breach and do everything possible, including offering a period of free credit monitoring, to protect those who were victimized.
The glitch in a newly launched state unemployment system for gig workers exposed personal information including Social Security numbers for “a short time,” Pritzker spokeswoman Jordan Abudayyeh said in a statement on Sunday. There is no sign that any of the information was stolen.
But it’s still a bad break for people scrambling to get their lives back on track as COVID-19 tears away at their livelihoods.
The underlying problem is that most states, including Illinois, just weren’t ready to deal with record numbers of newly unemployed people, including a new category of gig workers who require a new processing system grafted onto an old one.
On Saturday, Arkansas announced it was shutting down its gig worker unemployment program after it apparently was accessed illegally. A fraud ring attacked Washington state’s unemployment system, which had to shut down all unemployment payments last week for two days. Evidence of attacks also has cropped up in North Carolina, Massachusetts, Rhode Island, Oklahoma, Wyoming and Florida. New York’s unemployment insurance system accidentally leaked personal information last month.
“There is a lot of money flowing through the system, the system load is higher and cracks in the system start to appear,” Matt Erickson, vice president of solutions for SpiderOak, a company that specializes in secure communications on untrusted infrastructure, told us. States, he said, are trying to get new systems up and running “under crazy high pressure.”
A huge Illinois increase in unemployment claims not only required the state to quickly rebuild its overwhelmed computer system, but also to assign many more workers to the task of processing claims. One state worker told us: “Everyone who knows anything about claims is working on this, all day plus overtime.”
Illinois can’t afford to call a timeout on unemployment benefits at a time when the pandemic has affected so many people. But even as it processes a record number of applications, it needs to do a better job of securing its computer systems to protect privacy and prevent fraud.
No one wants their personal information floating around the web. And taxpayers don’t want hackers making off with the money that gig workers desperately need.
Send letters to letters@suntimes.com.
