May 17, 2011
State officials warn a cyberbreach may have let somebody collect personal data on people receiving Massachusetts unemployment benefits.
In a statement on Tuesday, the state Executive Office of Labor and Workforce Development said, "EOLWD learned yesterday that the computer virus (W32.QAKBOT) was not remediated as originally believed and that the persistence of the virus resulted in a data breach. Once it was discovered, the system was shut down and the breach is no longer active. W32.QAKBOT may have impacted as many as 1500 computers housed in DUA and DCS including the computers at the One-Stop Career Centers."
Particularly at risk are people who filed a claim between April 19 and May 13 that required any manual intervention by a state worker, the office says, adding all potentially affected people will be getting letters from the state. More details from the state.
Symantec, which makes anti-virus software, says W32.QAKBOT is actually a "worm" designed to collect data from a Windows computer and then communicate that with whoever launched it: "It downloads additional files, steals information, and opens a back door on the compromised computer."