New WA data breach exposes personal info of 1.6 million people who applied for unemployment

Feb 1, 2021, 11:04 AM | Updated: Feb 2, 2021, 7:25 am

Washington State Auditor Pat McCarthy answers questions on Monday after reporting a data breach may...

Washington State Auditor Pat McCarthy answers questions on Monday after reporting a data breach may have compromised information from 1.6 million people who've filed for unemployment benefits. (TVW screen shot)

(TVW screen shot)

The Washington State Auditor is reporting a December data breach that could have exposed the personal information of 1.6 million Washingtonians who had applied for unemployment benefits in 2020.

Puget Sound Educational District hit with data breach

The breach was of a third-party server used by the auditor’s office, Accellion, and may also have exposed data from local governments and other state agencies.

People who filed for unemployment between Jan. 1 and Dec. 10, 2020, people whose identities were stolen in last year’s fraud attack, or state government employees may have had their information exposed.

“I know this is one more worry for Washingtonians who have already faced unemployment in a year scarred by both job loss and a pandemic. I am sorry to share this news and add to their burdens,” State Auditor Pat McCarthy said in a written release. “This is completely unacceptable. We are frustrated and committed to doing everything we can to mitigate the harm caused by this crime.”

Washington state’s Employment Security Department was defrauded out of hundreds of millions of dollars last spring, impacting nearly 390,000 people whose stolen identities were used to fraudulently apply for unemployment benefits. In the months to follow, the department took criticism for weak internal controls and an out-of-commission automated process that was supposed to flag suspicious claims. The ESD was not responsible for this latest breach, though, says McCarthy.

Audit finds internal controls at ESD weren’t strong enough to prevent fraud

“I want to be clear: This was an attack on a third-party service provider. The Employment Security Department did nothing to cause this, and is not responsible in any way for this incident,” she emphasized.

McCarthy says they have used Accellion for 13 years and thought the security was trustworthy. Other recent attacks on Accellion resulted in data breaches at the Royal Bank of New Zealand and the Australian Securities and Investment Commission.

Law enforcement is investigating the breach.

McCarthy said the full scope of how this has affected people is still under investigation and their office has contacted every state agency that would be impacted, based on the files given by Accellion. She said those agencies already know who they are.

“We have not heard from anyone affected by it, but that doesn’t mean it hasn’t happened,” McCarthy said of claimants.

The auditor’s office has set up a website for people to learn more about the breach and plans to set up a hotline.

The KIRO Radio Newsdesk contributed to this report

MyNorthwest News

Associated Press

Amazon’s internal plans to advance its interests in California are laid bare in leaked memo

An internal Amazon memo has provided a stark look at the company’s carefully laid out plans to grow its influence in Southern California through a plethora of efforts that include burnishing its reputation through charity work and pushing back against “labor agitation” from the Teamsters and other groups.

26 minutes ago

(Photo from KIRO 7)...

Brittany Toolis, KIRO 7 News

‘I wanted to cry’: Flooding destroys $20k worth of goods at Port Orchard food pantry

Relentless rain in Western Washington and the flooding that followed is causing big problems for a Kitsap County food bank, at the worst possible time. Water destroyed almost all their stored dried goods.

54 minutes ago

Image: U.S. Rep. Pramila Jayapal, D-Wash., speaks during a rail union workers rally outside of the ...

James Lynch

Jayapal responds after being criticized for CNN comments about Israel-Hamas war

Democratic U.S. Rep. Pramila Jayapal of Seattle was asked about the rape of Israeli women during the Oct. 7 attack that started the Israel-Hamas war.

1 hour ago

Image: The pass-in-review by the USS William P. Lawrence (DDG 110) can be seen as Pearl Harbor comm...

Ted Buehner

Pearl Harbor attack led to the halt of weather data publication

The U.S. Weather Bureau made the announcement in 1941 to avoid having the data fall into enemy hands.

3 hours ago

Image: An Alaska Airlines plane takes off from Los Angeles International Airport in Los Angeles on ...

Steve Coogan

Ex-pilot accused of trying to cut plane engines could be out of jail this week

The former Alaska Airlines pilot accused of trying to cut the engines of a Horizon Air flight has been indicted on 84 endangerment charges.

4 hours ago

gray wolf endangered...

Matt Markovich

Legislators consider removing gray wolves off endangered list in Wash.

The change in status is likely to be favorable to ranchers who lose livestock to the wolves and allow more permitted killing of problematic gray wolves.

13 hours ago

New WA data breach exposes personal info of 1.6 million people who applied for unemployment