The names and Social Security numbers of 56,000 people who used CNY Works employment services were potentially exposed in a cyberattack discovered in December 2019, officials said in letters to those affected.
(TNS) — A data breach at CNY Works may have exposed the names and Social Security numbers of 56,000 people who have used the nonprofit agency’s services to find jobs.
Clients potentially impacted by the breach began receiving letters from the agency this week warning that files targeted by a suspected ransomware attack on the agency’s servers contained their names and Social Security numbers.
The agency said it has found no evidence or indication that those behind the attack “viewed, accessed or removed” any of the data, which dates back years.
“We are sending notification letters to approximately 56,000 individuals,” Lenore Sealy, the agency’s executive director, said in an email to syracuse.com and The Post-Standard. “However, we are notifying individuals out of an abundance of caution. CNY Works has no evidence that any of the personal information for these individuals has been misused, or even that any of the personal information in its possession was accessed or stolen as a result of this incident.”
The agency said it became aware of a “potential ransomware incident” on Dec. 21, 2019, “when we learned that malware had infected our systems and encrypted files on several servers.”
“Upon learning of the issue, we commenced an immediate and thorough investigation,” the agency said. “As part of our investigation, we engaged external cybersecurity professionals experienced in handling these types of incidents. We were able to restore files from redundant systems that saved some files as a back-up to our primary servers.”
In ransomware attacks, computer files are encrypted, often when an email attachment with a malicious code is opened. The encryption blocks the owner of the files from accessing them. The culprits then demand money to provide a key to unlock the files.
CNY Works said it believes the cyberintruders’ motivation was to lock down the agency’s files “for purposes of potential financial gain from us, and not to access personal data contained in those files.” However, the agency has received no ransom demand for release of the encrypted files, it said.
Sealy said the agency did not send out the warning letters until now because its investigation did not discover until May 27 that some personal data were present in the encrypted files.
“Upon learning of the issue, we commenced an immediate and thorough investigation, which included a thorough review of encrypted files that may had been impacted by the cyberintruders,” she said. “The investigation was extensive and took time to complete to determine who and what information was affected.”
CNY Works is offering all potentially affected clients a one-year membership in Experian IndentityWorks Credit 3B, a service that helps prevent identity theft by detecting possible misuse of personal information.
According to the Social Security Administration, criminals can use someone’s Social Security number to get other personal information about the person and then use that information to apply for credit cards in the person’s name. Then, they use the credit cards and don’t pay the bills, damaging the person’s credit. Often, the victims only find out that someone is using their Social Security number when they begin getting calls from unknown creditors demanding payment for items they never bought.
CNY Works maintains a list of current job openings at hundreds of local employers. Its career center on James Street also provides one-on-one assistance in job searching, use of a resource room with computer access, and offers workshops on resume writing, interviewing skills, social networking and computer skills.
The center also assists people in applying for unemployment benefits. Using the center’s services counts as a work search activity, which helps people maintain their eligibility for those benefits.
Its career center has been closed since March 17 because of the coronavirus pandemic.
©2020 Syracuse Media Group, N.Y. Distributed by Tribune Content Agency, LLC.
Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.