Personal information registered with the OKJobMatch.com became vulnerable when Kansas-based American Job Link Alliance (AJLA) was accessed on March 12. Oklahomans are required to register with OK Job Match when they apply for unemployment benefits. Better Business Bureau® Serving Eastern Oklahoma is warning those who have applied for unemployment and registered with the workforce development program, to take precautions to protect their identity. Those identified as having their information accessed will receive a letter in the mail next week with details on what was compromised in the breach. A separate third-party company has reviewed the changes made by Alliance and confirms that the system is now fixed and secure. AJLA is currently working with the FBI to identify the hacker.
Update March 31, 2017:
OK Job Match accounts created before March 14, 2017, could have been accessed. Individuals with a valid email address on record whose information may have been accessed will be contacted by email between 5 to 10 days of March 24, 2017. You can search for the email in your inbox by entering "Job Link" or "Department of Security" in the search field. If you receive a notification that your information was affected, you may qualify for free credit monitoring by American Job Link Alliance (AJLA).
Those affected by the hack and anyone with further questions can contact the AJLA Response Team hotline at:
Monday through Friday
8 am - 8 pm.
To have your data removed from their servers, you must contact OK Job Match and request to have your account deleted at (800)555-1554.
You can also see AJLAs updated FAQ's pertaining to the breach at http://www.ajla.net/pressrelease.html.
BBB encourages anyone whose information may be at risk to take the following precautions:
1. Place a fraud alert on your credit file. You can do this by calling one of the three credit reporting agencies. Contacting one organization is enough, as they will communicate with the other two. The fraud alert expires after 90 days, but you can renew it for free.
2. Request a credit report from the three agencies. You can receive a free credit report if you inform the organizations that your Social Security Number may be compromised. If you notice any unfamiliar accounts or companies making inquiries that could be a sign of identity theft.
3. Monitor your credit card and bank accounts. While the breach divulged names, birthdates and social security numbers it is easy for identity thieves to use that information to gain access to your financial accounts. Review your credit card and bank statements for any irregular or unfamiliar expenditures as often and quickly as possible. If something seems wrong, contact your financial agency promptly and dispute the charges.
4. Contact your bank and ask them to place a note on the account. Credit Card companies have protections to keep consumers from being held liable for identity thieves’ expenditures, but the same isn't true for debit transactions. By placing a note on the account, your institution knows to monitor for any unusual expenses. If you believe your account has been compromised notify your bank's fraud department; you may have to close the account and open a new one.
If you discover that your information has been used to open credit cards or take out loans in your name you should contact the following organizations:
American Job Link Alliance stores similar information for nine other states to find the full list of those affected and more details about the breach you can review the following press releases and articles:
American Job Link Alliance: http://www.ajla.net/pressrelease.html
You can also contact American Job Link Alliance by phone at 1-800-255-2458 or email at AJLAincidentresponse@AJLA.net. The Oklahoma Unemployment Office and OK Job Match offices are currently directing all queries about the breach to the third-party vendor. Alliance says they will be setting up a call center to answer questions about the incident. BBB will update this article with that information when it becomes available.