Washington state is hit by one of the nastiest data breaches on its systems for the year, as a record high of 1.6 million unemployed residents of the area has their identity exposed to security threats and hackers. The attack was said to be centered on the third-party service provider of Washington and is not pointed towards the Employment Security Department (ESD).
The country's capital state was hit by an attack that has compromised several of its data and information that exposes its citizen's identity, and have taken advantage of the third-party service provider's software vulnerability. The attack was said to be originating back to December 25, 2020, where unauthorized access to the systems was detected.
The third-party service provider is identified by the Office of the Washing State Auditor (AOC), Pat McCarthy, to be Accellion, a private cloud solutions company that is based in Palo Alto, California. The company focuses on file sharing, primarily involving data sharing and collaboration.
Washington State Auditor Blames Accellion for Data Breach
According to the Office of the Washing State Auditor (SAO), Accellion confirmed the data breach to the government authorities in the last week, January 25, 2021, which is almost one month after the first detection. The exploiters have attacked the vulnerability in the software's collaborative system, accessing personal and sensitive information.
Accellion has revealed that they have been studying and investigating the data breach, before it has reported the incident to SAO, which in turn, put the heat on them, with the agency blaming them for the hack. Moreover, the primary data that was targeted by the exploiters is the list of Washington residents who filed for unemployment claims last year.
The data includes those who filed from Jan. 1 until Dec. 10, 2020, and has an accumulated list of 1.6 million residents of the state. The number is a massive one, especially with their data and identities exposed to the exploiters, ranging from different sensitive information including full name, birthdate, address, previous occupation, etc.
These data may be used against the users, by either blackmail content or identity theft that steals information from others, using their credentials that are complete with the essentials.
Other Data Exposed from Accellion Breach in Washington State
According to Seattle Times' report, Pat McCarthy, the State Auditor, is entirely putting the blame on Accellion, and not on the Employment Security Department (ESD), whose data was taken and exploited. While ESD was the main target of the attack, it was Accellion's systems that failed and exposed a vulnerability to the hackers says McCarthy.
Moreover, other data that were taken and exposed include the personal information of both the public and state employees, which signifies that the attack was extensive and more dangerous than how it sounds. Additionally, a smaller number of group data were also taken, including those from the Department of Children, Youth, and Families.
Related Article: COVID-19 Vaccine Cards:Why Posting Them On Social Media is a Bad Idea-According to Experts
This article is owned by Tech Times
Written by Isaiah Alonzo