Cyber Incident Victim: WorkForce West Virginia
Date:
Apr 2021
Location:
United States of America
Summary
WorkForce West Virginia experienced unauthorized access to the Mid Atlantic Career Consortium Employment Services database, potentially compromising personal information of individuals in their system. The breach exposed sensitive data including names, addresses, phone numbers, dates of birth, and Social Security numbers, prompting notifications to affected state residents.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
WorkForce West Virginia detected unauthorized access to the Mid Atlantic Career Consortium Employment Services database on April 13, 2021, prompting immediate investigation into the security incident. The agency confirmed an unidentified individual breached the system containing personal information of individuals enrolled in WorkForce programs. This intrusion potentially exposed sensitive data including full names, physical addresses, telephone numbers, dates of birth, and Social Security numbers – critical identifiers that heighten identity theft risks. The breach timeline suggests the unauthorized access occurred prior to the April 13 discovery date, though the exact duration of system vulnerability remains unspecified in public disclosures. Workforce development services databases typically contain extensive employment histories and eligibility documentation, amplifying potential harm from the compromised credentials. No evidence indicated misuse of stolen data at the time of notification, but the agency acknowledged the possibility of future exploitation given the nature of exposed information.
WorkForce West Virginia initiated client notifications within one week of discovering the breach, adhering to standard incident response protocols for state agencies. Affected individuals received direct communications outlining the specific personal data elements potentially accessed, though the total number of impacted residents wasn't disclosed publicly. The agency's disclosure emphasized the employment services context of the compromised database, suggesting targeting of job seekers' information through the Mid Atlantic Career Consortium platform. No technical details regarding intrusion methods or system vulnerabilities were released, maintaining operational security during remediation. Consequences centered on identity fraud concerns given the exposure of Social Security numbers combined with biographical identifiers sufficient for financial account creation. The incident prompted internal security reviews while underscoring risks associated with multi-agency data consortiums that aggregate sensitive citizen information across jurisdictional boundaries.