A cyberattack on a third-party vendor has impacted employment services, including unemployment benefits, in several states, according to the Associated Press. Some state employment websites have been offline since Sunday, including the ones in Tennessee and Nebraska.
“We recently identified anomalous activity on our network, and immediately took [Tennessee’s] Jobs4TN system offline to halt the activity. With the help of third-party specialists, we are conducting a full investigation to determine the cause and scope of the incident,” Paul Toomey, the president of vendor Geographic Solutions, said in a statement on Wednesday. “Our current focus is working around the clock to bring Jobs4TN back online. We anticipate that this will occur prior to the July 4th holiday.”
The full scope of the cyberattack’s impact is not yet clear, though Geographic Solutions claims to have clients in more than 35 states and territories. As noted by StateScoop, the Louisiana Workforce Commission said on Wednesday its HiRE website is offline and the “attack is also impacting as many as 40 other states and Washington D.C.” Geographic Solutions’ website is also down.
The situation could have a significant effect on those who depend on unemployment benefits and are having problems accessing them. Around 12,000 people rely on such benefits in Tennessee, but the AP reports that they are not receiving payments.
The Nebraska Department of Labor expects its employment services site to remain offline through at least Friday. “Individuals cannot file for unemployment until the system is back online,” a spokesperson told the AP.
Some state-run jobseeking sites are unavailable as well. In many cases, those seeking unemployment assistance need to show that they’re actively searching for work to be eligible for benefits. California and Florida are among the states that have temporarily waived those rules.
Toomey said Geographic Solutions is taking steps to prevent a similar situation from happening again. “The latest information from GSI indicates no personal data was accessed, and no data was removed from its network operations center.”