DEED security breach involves job seekers using state website

DEED security breach involves job seekers using state website

DEED security breach involves job seekers using state website

The Minnesota Department of Employment and Economic Development sent letters to an unspecified number of people who use an agency website to help find jobs who might have had some personal information accessed by an unauthorized user.

“The Minnesota Department of Employment and Economic Development (DEED) respects and values the privacy of jobseekers’ personal information,” DEED said in a statement released to 5 EYEWITNESS NEWS. “A recent data security incident may have resulted in unauthorized access of jobseekers’ contact information such as physical addresses, email addresses, and phone numbers. DEED immediately revoked the unauthorized access on the MinnesotaWorks.net website. DEED also notified jobseekers about the incident and steps they can take to protect their private information.”

DEED also said it took immediate steps to make security technology upgrades to “prevent future data incidents.”

The news comes as the Minnesota Legislative Commission on Cybersecurity met Monday to discuss the growing number of IT projects that are underway to accommodate all the new laws and state agencies created in the last legislative session. They heard from an official from Minnesota IT Services (MNIT) about the technology infrastructure that will be required to collect information from and about millions of Minnesotans.

“I’ll start with the Office of Cannabis Management,” said Jonathan Eichten of MNIT. “We expect to sign, either today or tomorrow, a contract with a licensing system provider. This is a provider that has been successful in multiple other states and major cities, particularly on the West Coast.”

They’ll also soon begin setting up a system to handle the state’s new paid family and medical leave program.

“A paid family and medical leave director will be starting in about 10 days here, so we expect to work with that individual to set out a firm timeline,” Eichten told lawmakers.

The commission did not get an update on data security breaches at DEED, the Minnesota Department of Education, St. Paul Public Schools or the University of Minnesota. One lawmaker wondered why.

“I was kind of expecting we would get a report on the University of Minnesota’s data breach at this meeting,” said Rep. Steve Elkins, DFL-Bloomington. “Kind of disappointed that we didn’t.”

The commission chair, Rep. Kristin Bahner, DFL-Maple Grove, said she hopes to hear from many public entities about recent cybersecurity issues at their next meeting in November.

“I know we had an MDE (Minnesota Department of Education) breach, St. Paul Schools had an issue and the University of Minnesota, so I thought we might try to group some of that core together and see where we might have overlap or gaps and see specifically if there are ways where we as state partners might be able to help … our partners at the local level,” Bahner said.