Various state governments and the US Department of Labor job applicants information was stolen by hackers.

The information included Social Security numbers, and dates of birth of job seekers in Alabama, Arizona, Arkansas, Delaware, Idaho, Illinois, Kansas, Maine, Oklahoma and Vermont.

The hacker created an account on the America’s JobLink (AJL) on Feb. 20th. He then used a misconfiguration in the system to gain unauthorized access. His hacking was discovered and shut down on March 14. Law enforcement and the FBI were called in to try to identify and apprehend the hacker.

It is not known how many job applicants were affected, but AJL is working on making notifications to be sent out in April.

“Notifying potentially affected individuals has been a top priority since AJLA–TS discovered that the error messages we were receiving were due to malicious activity and not a technical issue,” it said. “The forensic firm’s analysis required the review of a significant amount of system data. This analysis was needed to confirm that the hacker had actually accessed individuals’ information, so as not to unnecessarily alarm affected individuals.”

Source: Info Security