Cyber Incident Victim: Kentucky Office of Unemployment Insurance

On February 24, 2021, the Kentucky Career Center reported a potential cyberattack targeting the state’s external unemployment insurance claims system. The Office of Unemployment Insurance (OUI) detected anomalous activity at approximately 10:40 a.m. and alerted Labor Cabinet leadership. Initial assessments indicated no confirmed security breach or compromise of claimant data. Attackers employed random login credentials in an attempt to overwhelm the website’s infrastructure, a tactic consistent with a distributed denial-of-service (DDoS) attack. None of the fraudulent login attempts succeeded in gaining unauthorized access to the system. The incident occurred amid broader national reports of unemployment fraud during the COVID-19 pandemic, though officials did not explicitly link this event to wider criminal campaigns. While external claimants lost access to the online portal during the disruption, OUI staff maintained internal operations and continued processing claims manually.

Kentucky’s Office of Homeland Security coordinated the response alongside the Labor Cabinet, OUI, and the Commonwealth Office of Technology. Technical teams worked to mitigate the attack and restore system availability, though no specific remediation timeline was publicly disclosed. Officials emphasized the absence of evidence suggesting data exfiltration or unauthorized access to sensitive claimant information. The incident temporarily hindered claimants’ ability to file or check claims online but did not halt overall unemployment assistance operations. Ongoing investigations focused on identifying the attack’s origin and scope while maintaining service continuity through alternative channels.