Deloitte, a consulting company contracted by the Ohio Department of Job and Family Services (ODJFS), is investigating a data breach in the system launched last week to pay benefits to 1099 and self-employed workers. A mass message was sent to applicants letting them know that their personal information was left unconcealed for a period of time.
Ohioans applying for Pandemic Unemployment Assistance (PUA) were alerted that their names, social security numbers, and addresses were compromised for about an hour. About two dozen unemployment applicants had the ability to view that information.
The data breach was reported by Deloitte, which was contracted by the state to administer the PUA system. The state is calling it a data leak.
"ODJFS holds the confidentiality of claimant data in the highest regard and agreed with the immediate steps Deloitte took to prevent any unauthorized PUA access in the future," ODJFS said in a written statement.
Deloitte says it is investigating the matter and is offering credit monitoring services to all PUA applicants for a year.
The state says there is no evidence of widespread data compromise.