KDOL looking into possible data breach
KDOL looking into possible data breach
By Caroline Elliott
Published: Apr. 21, 2021 at 5:43 AM BST
WICHITA, Kan. (KWCH) - A KWCH investigation in February helped to launch a Kansas Department of Labor investigation after the investigation discovered a way to use social security numbers on the KDOL website to pull up anyone’s personal information. Eyewitness News reporter Caroline Elliott has been looking into the issue for months and Tuesday, April 20, Eyewitness News learned an investigation is looking at the possibility of a data breach. KDOL is also looking to see if scammers were able to steal $600 million because the department’s website was not secure.
A KWCH exclusive interview earlier this year found how easy you could pull up social security numbers, names, phone numbers and email addresses on the KDOL website.
“I can’t be the only one who found this. I don’t know why other people wouldn’t have reported it, and I have a feeling that some scammers have found it,” said Lisa Hirst who spoke with Eyewitness News in February after finding the security issue with social security numbers on the KDOL website. “I mean, it was so easy to do, and I didn’t even mean to.”
Hirst said it was scary that she was able to access the information she did so easily, especially she said, because she doesn’t know that much about computers.
ADVERTISEMENT
Hirst first discovered the vulnerability of the KDOL website when she entered her social security number to get a call back from the department. She entered it incorrectly and got someone else’s information. Since the story featuring Hirst aired in February, a legislative post audit found that scammers sole more than $600 million in unemployment fraud. Now lawmakers believe the loophole Hirst discovered is one way that scammers possibly found people’s information.
KDOL has added additional security features to its website over the last several months and claims the agency lost $290 million to scammers, not $600 million-plus. Eyewitness News learned the investigation will take about a year to finish and the report is due by September 2022. By the end, the audit will determine exactly how scammers stole Kansans’ information through KDOL. If it’s because of any fault at the state level, lawmakers assure that they will find a way to protect Kansans’ identities.
By Caroline Elliott
Published: Apr. 21, 2021 at 5:43 AM BST
WICHITA, Kan. (KWCH) - A KWCH investigation in February helped to launch a Kansas Department of Labor investigation after the investigation discovered a way to use social security numbers on the KDOL website to pull up anyone’s personal information. Eyewitness News reporter Caroline Elliott has been looking into the issue for months and Tuesday, April 20, Eyewitness News learned an investigation is looking at the possibility of a data breach. KDOL is also looking to see if scammers were able to steal $600 million because the department’s website was not secure.
A KWCH exclusive interview earlier this year found how easy you could pull up social security numbers, names, phone numbers and email addresses on the KDOL website.
“I can’t be the only one who found this. I don’t know why other people wouldn’t have reported it, and I have a feeling that some scammers have found it,” said Lisa Hirst who spoke with Eyewitness News in February after finding the security issue with social security numbers on the KDOL website. “I mean, it was so easy to do, and I didn’t even mean to.”
Hirst said it was scary that she was able to access the information she did so easily, especially she said, because she doesn’t know that much about computers.
ADVERTISEMENT
Hirst first discovered the vulnerability of the KDOL website when she entered her social security number to get a call back from the department. She entered it incorrectly and got someone else’s information. Since the story featuring Hirst aired in February, a legislative post audit found that scammers sole more than $600 million in unemployment fraud. Now lawmakers believe the loophole Hirst discovered is one way that scammers possibly found people’s information.
KDOL has added additional security features to its website over the last several months and claims the agency lost $290 million to scammers, not $600 million-plus. Eyewitness News learned the investigation will take about a year to finish and the report is due by September 2022. By the end, the audit will determine exactly how scammers stole Kansans’ information through KDOL. If it’s because of any fault at the state level, lawmakers assure that they will find a way to protect Kansans’ identities.
