TAMPA, Fla. (WFLA) — The reputation of Florida’s beleaguered unemployment system took another hit Thursday after the state confirmed a data breach.
A spokesperson for the agency would not reveal what happened, only releasing a statement that said the situation was “quickly resolved.”
However, 8 On Your Side has learned that the names and social security numbers of nearly a hundred unemployment applicants were compromised when a DEO staffer sent an email to the wrong recipient in April.
We obtained a letter the agency sent out to those applicants in early May explaining that information was “unintentionally sent to a private email server owned by a third party performing work on the agency’s behalf.”
DEO said within an hour of learning about the mistake, it confirmed with the unintended recipient that the sensitive information had been deleted. The agency does not believe the names or social security numbers were accessed by anyone else but sent the notice out of an abundance of caution.
“They’re trying to assure us it was not a hack, it was an accident,” State Senator Janet Cruz (D-Tampa) said.
It’s Cruz’s understanding the email was a test message, meant to stay internally.
“It would have been so much easier just to say that from the beginning,” Cruz said, thankful the breach wasn’t more severe but calling for more DEO transparency.
News of the data breach fueled a rumor wildfire, including accusations that a recent email from the DEO issuing temporary PINs was fake.
When asked by 8 On Your Side, the agency maintained the email is authentic.
“We had the same concern from people that it was a phishing expedition, so to speak,” Cruz said, referencing the cybercrime in which targets are contacted by email by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details and passwords.
Further fueling the fire of distrust are recent reports that sensitive information from unemployment applications in Ohio, Illinois, and Colorado was potentially exposed. Those unemployment sites were all built by global accounting firm Deloitte, the same vendor who created Florida’s CONNECT site.
Governor Ron DeSantis has already ordered an investigation into the state’s contract with Deloitte, after $77 million was spent on a system that quickly went up in flames.
“I worry about the work that Deloitte did,” Cruz said.
DeSantis did not address the data breach during a Friday press conference in Jacksonville.
LATEST ON FLORIDA’S UNEMPLOYMENT PROBLEMS:
- Florida unemployment up in May, still below national rate
- Florida unemployment: Did DEO call center cut make long delays even longer?
- Florida to end $300 weekly federal unemployment benefits in June
- Florida unemployment recipients will once again have to prove they’re looking for work
- DeSantis says he doesn’t favor raising unemployment benefits