With organizations needing third-party services such as Accellion to provide file hosting services, it’s essential to consider where encryption fits into the flow of data. It is common to see data-in-transit utilizing encryption, however making sure data at rest is encrypted can reduce the risk that data – even if it is exposed – will be used for fraud. Along that same lines, protecting the keys to this encrypted data is equally as important. While this is common practice for many organizations, which have to fulfill this requirement for compliance reasons, protecting sensitive information found in forms such as unemployment claims should be a top priority to protect employees and clients. At an individual level, applying credit freezes can be a simple way to protect oneself from many kinds of fraud. Applying for an IRS identity protection PIN can also head off income tax fraud attempts. Based on recent trends, it is possible that threat actors will use the stolen personal information to fraudulently file for unemployment in other states and file for income tax refunds.

References:
Data breach exposes 1.6 million Washington unemployment claims (bleepingcomputer.com)
About the Accellion data security breach – Office of the Washington State Auditor