AL job seekers, unemployment recipients targeted in data hack - Montgomery Alabama news.

AL job seekers, unemployment recipients targeted in data hack

(Source: WSFA 12 News) (Source: WSFA 12 News)
(Source: WSFA 12 News) (Source: WSFA 12 News)
(Source: WSFA 12 News) (Source: WSFA 12 News)

An alert has been issued for those who have looked for work using Alabama's JobLink or received unemployment following news that the state has learned that information could have fallen into the hands of hackers. The Alabama Department of Labor found out Wednesday that its web-based system used to link job seekers with employers was targeted.

Now, officials are working to figure out just how many people were impacted and urging precautions.

Following a recent security breach of the America's JobLink (AJL) system, a multi-state web-based system that links job seekers with employers, it has been determined that Alabamians who have used the state's free, online jobs database ( may have had their personal information exposed.

The site is developed and maintained by America's Job Link Alliance – Technical Support (AJLA-TS) which confirmed on March 21 that hackers exploited a vulnerability in the AJL application code to view the names, social security numbers, and dates of birth of job seekers in the AJL systems of 10 states: Alabama, Arizona, Arkansas, Delaware, Idaho, Illinois, Kansas, Maine, Oklahoma, and Vermont.

Anyone who has received unemployment compensation benefits over the past three to four years may also be at risk because whenever someone applies for unemployment, they're automatically registered for JobLink.

“From what we've been told, a third party hacker was somehow able to access that database based out of Kansas,” said Tara Hutchison, Communications Director for the Alabama Department of Labor. The threat has been contained and the hacker’s access to all AJL systems has been disabled.

“We were contacted by our vendor who made us aware of the situation. As soon as they became aware of it, they investigated it and were able to terminate the hacker. So the threat is no longer existing as of March 14. Any accounts that were set up since March 14 are fine,” Hutchison said. “They conducted their own independent investigation to double check and confirm and make sure we were all getting the most up to date information.”

The ADOL has identified those with valid social security numbers who may be affected and customers with a valid email address on file will receive an email with instructions on how to proceed. Information is also available on the following websites: and

“We are in the process of identifying all of those individuals who have been compromised and they will receive an email notification from us letting them know about that status. That email will also provide them with some instructions for some assistance and for some resources,” Hutchison explained. “We do take this breach very seriously. We're working around the clock to make sure that we are in cooperation with all of the appropriate agencies and parties that we need to be and to ensure that something like this does not happen again.”

The State of Alabama has requested an immediate and independent investigation by the Multi-State Information Sharing and Analysis Center, a collaborative initiative of the Office of Cybersecurity and Communications within the U.S. Department of Homeland Security.

“Once this forensic analysis is completed, additional information will be released," said Dr. Joanne Hale, Alabama Acting Secretary of Information Technology.

Anyone who has been affected by this breach, or thinks they may have been affected, should carefully watch their bank accounts, credit cards, and other financial transactions. For more information on how you can protect your credit, refer to the major credit reporting agencies: Equifax, Experian, and TransUnion.

You may request that they place a fraud alert and or a credit freeze on your file. You may also contact the IRS Identity Protection Specialized Unit at 1-800-908-4490.

America's Job Link Alliance is in the processing of establishing a call center to answer questions from those who are affected. This center should be operational within two to three business days. Customers may email with any additional questions about the incident.

“This type of breach has never occurred with us so far,” Hutchison said. “This is unfortunately, a sad fact of life in the era that we live in now in this digital age but if you feel that you may have been compromised, it's important to get a head start on monitoring things. Make sure you're checking your bank accounts, your credit report and credit card statements. Just watch for any unusual activity.”

Copyright 2017 WSFA 12 News. All rights reserved.

Powered by Frankly