Security News > 2021 > February > Data Breach Exposes 1.6 Million Jobless Claims Filed in the Washington State

The Office of the Washington State Auditor on Monday said it's investigating a security incident that resulted in the compromise of personal information of more than 1.6 million people who filed for unemployment claims in the state in 2020.

The SAO blamed the breach on a software vulnerability in Accellion's File Transfer Appliance service, which allows organizations to share sensitive documents with users outside their organization securely.

"During the week of January 25, 2021, Accellion confirmed that an unauthorized person gained access to SAO files by exploiting a vulnerability in Accellion's file transfer service," the SAO said in a statement.

The accessed information is said to have contained personal details of Washington state residents who filed unemployment insurance claims in 2020, as well as other data from local governments and state agencies.

The unauthorized access incident is believed to have occurred in late December of last year, although it appears the full scope of the intrusion wasn't made aware until Accellion disclosed earlier this month that its file transfer application was the "Target of a sophisticated cyberattack."

It's worth noting that Accellion's FTA software was used as an attack vector to strike two other organizations, including the Australian Securities and Investments Commission and the Reserve Bank of New Zealand, in recent weeks.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/rkmZHflP46k/data-breach-exposes-16-million-jobless.html