Hackers may have accessed data of thousands of unemployed Floridians

David Lyons, South Florida Sun-Sentinel
·5 min read

Cyber hackers have attacked Florida’s unemployment benefits website and may have accessed sensitive personal information that belongs to nearly 58,000 Floridians who hold accounts with the state.

The Department of Economic Opportunity said it learned of a “data security incident” on July 16 against its CONNECT system and took several steps to protect client accounts, which included locking those accounts and notifying the potential victims.

In a statement to the South Florida Sun Sentinel, spokesman Andrew Nixon said that “malicious actors” may have accessed information including Social Security numbers, driver’s license numbers, bank account numbers, claims information “and other personal details, such as address, phone number, and date of birth.”

On top of that, the intruders may have acquired the PIN that people use to access their accounts. Nixon said a total of 57,920 were targeted between April 27 and July 16 of this year.

The hacking could further complicate the struggles of unemployed Floridians who have been frustrated at every turn since the pandemic struck down the economy in March 2020.

Among the problems:

  • Repeated system crashes by the CONNECT website.

  • Insufficient staff to handle an avalanche of phone inquiries from hundreds of thousands of the unemployed. Despite the hiring of additional staffers, people still complained of workers who lacked answers to problems or hung up on them.

  • Repeated lockouts of benefit recipients from their accounts, which led to an inability to track payments and report weekly job searches as required again by the state.

  • Unexplained payment stoppages and diversions.

  • Incomplete data provided to state auditors. In 2020, DEO officials were unable to give auditors accurate data on nearly $9 billion in state and federal unemployment claims. As a result, auditors were unable verify that eligible Floridians received the correct amounts of benefits.

Halted payments

Robin Perlman, 57, is a Tamarac resident and laid-off retail worker who said Monday that she lost her unemployment benefits to someone who diverted her money from her bank account to a debit card account.

“I had been collecting unemployment without incident until April of this year,” she said. “My payments were going in direct deposit until I stopped seeing payments in my bank. I found someone had changed my direct deposit to a Chime [debit] card illegally. I notified DEO and my account was locked.”

She said she regained access for a week, got locked out again and remains unable to log into her account.

“I’m still fighting,” she said in a phone interview. “Every day I’m on the phone and then get hung up on.”

Perlman said she’s contacted an array of agencies besides the DEO, including the Broward State Attorney’s office. which she said informed her “the state has to take care of it.”

She said she contacted the office of Gov. Ron DeSantis, with no results.

“They owe me $5,000,” she said. “And I cannot get help anywhere. I don’t know where else to turn. I have case numbers and phone numbers, but nobody is helping me. I didn’t do anything wrong. My benefits stopped. My insurance stopped and my whole life stopped. There has got to be a way. It’s going on for four months now.”

There is one added barrier to clear so long as the lockout continues. Without access to CONNECT, she is unable to report her job search efforts to the agency — a requirement reinstatement by the governor for receiving continued unemployment benefits.

In Perlman’s case, that’s $135 a week after Florida, at the governor’s direction, ended its participation in a federal supplemental program that paid the unemployed an additional $300.

Bad actors unknown

Nixon, the DEO spokesman, did not identify the “malicious actors” and did not say how they accessed the DEO system at a time when the agency was actively monitoring CONNECT for alleged fraudulent jobless benefit filings and other illegal activity. Since early this year, the agency has sought to screen its system for ID thieves who have stolen account information and filed bogus claims for weekly government benefits.

According to an agency dashboard, the DEO currently has more than 50,000 claims flagged for “fraud detection.”

Nixon said the agency has taken the following steps:

  • Locked the targeted accounts.

  • Improved PIN security controls.

  • Enhanced network security controls.

  • Notified the affected people.

  • Notified the Department of Legal Affairs, Department of Management Services, including the Division of State Technology, and the Florida Department of Law Enforcement;

  • Reported affected accounts to the three U.S. credit reporting agencies.

  • Purchased a year’s subscription of identity protection services for affected claimants.

“There is no evidence of any other unauthorized access and no indication of related malicious activity on the department’s internal networks,” Nixon said.

Last spring, the agency hired ID.me, an identity verification company based in McLean, Virginia, to help confirm the identities of agency clients when they seek to access their CONNECT accounts. But it was not hired to specifically block hackers.

Nixon said the department is recommending that the affected people “monitor their financial accounts, and if they see any unauthorized activity, they should promptly contact their financial institution.”

They also may contact the Federal Trade Commission by calling 1-877-ID-THEFT (1-877-438-4338) or online at www.ftccomplaintassistant.gov/.

The agency also recommends that its clients contact the three U.S. credit reporting agencies — Equifax, Experian and TransUnion — to obtain a free credit report from each by calling 1-877-322-8228 or by logging onto www.annualcreditreport.com.