The Maryland Department of Labor (Maryland DOL) published a press release on July 5th, stating that they were the victim of a data breach that exposed the information of around 78,000 customers. The information accessed appears to include names and Social Security numbers (SSN). Once notified of the breach, the Maryland DOL immediately took action by taking down the affected database and contacting law enforcement to conduct a thorough investigation. A statement from the DOL said that the impacted files were from 2009, 2010 and 2014. The files potentially contained first and last names, SSN’s, birth dates, residence information, and graduation dates. The breach appears to be contributed to a security incident where nine of the agency employees fell for a phishing scam which allowed the attackers access. According to the agency, there is no evidence that the exposed data was downloaded or removed from the DOL.
Affected clients of the Maryland DOL are being offered two years of credit monitoring services through Experian IdentityWorks for free from the agency. Users that were affected by this breach should reach out to the Maryland DOL via phone or email to set up this complimentary service.