In a sea of bad news regarding nationwide security breaches and repeated incidents of identity theft, there is a bright spot for nearly 1.9 million workers in the state of Michigan.
The Michigan State Police confirmed nobody in Michigan was victimized by identity theft after having their personal information exposed through a vulnerability in the state's Unemployment Insurance Agency's computer system this past winter.
In October 2016, a software update to the Michigan Data Automated System (MiDAS) used by the Michigan Unemployment Insurance Agency allowed select employers to access personal information they shouldn't have had the ability to obtain.
State leaders indicated Social Security numbers and other key personal information were open for these particular individuals to use to potentially commit identity theft.
But leaders at the MSP say that didn't happen and the information did not fall into the wrong hands. Thankfully it appears the only people who had access to it were human resources professionals, not unemployment claimants or the general public.
"Our investigation has revealed no indication that the HR professionals with access to this system accessed anything other than their own organization’s personally identifiable information," MSP Public Affairs Director Shanon Banner wrote in an e-mail.
The problem was identified on Jan. 31, and a fix to block further unauthorized access was implemented the same day, according to Department of Technology, Management and Budget (DTMB) spokesman Caleb Buhs.
“Data security is a top priority for the state of Michigan,” said DTMB Director and State CIO David Behen. “We will work with our third party vendors and our state team to review our processes and procedures to avoid incidents like this in the future.”
The MSP Cyber Command Center launched an investigation shortly after the vulnerability was discovered to determine if anybody was victimized by the release of sensitive information. No victims were ever found.
"Identity theft is a serious problem for the Talent Investment Agency-Unemployment Insurance Agency (TIA-UI) and other government agencies that provide benefits to residents," UIA spokesman Dave Murray said. "Michigan is collaborating with the national UI Integrity Center, and TIA-UI investigators in May were saluted by the U.S. Department of Labor’s Office of Inspector General for their help in investigations that led to 24 convictions in identity theft cases."
Many people in the state, though, are not out of the woods.
Michigan Attorney General Bill Schuette announced earlier this month the breach at credit reporting agency Equifax impacted the personal information of more than 4.6 million Michigan consumers.
Hackers gained access to the personal information of tens of millions of people across the United States, gaining access to Social Security numbers, birth dates, addresses and some driver’s license numbers.
Last month, Schuette announced he joined a multi-state investigation with more than 40 other state Attorneys General to demand Equifax improve its consumer response to the breach and take steps to refund those who have already paid for a credit freeze.
If you have been a victim of identity theft, e-mail us at firstname.lastname@example.org
►Make it easy to keep up to date with more stories like this. Download the WZZM 13 app now.