Personal data of Massachusetts' unemployed stolen

As if being unemployed isn't bad enough, 210,000 unemployed residents of Massachusetts may have had personal data about them stolen from the state agency that is supposed to be helping them out.

The Executive Office of Labor and Workforce Development is reporting that a worm could have operated unhampered in its network for three-and-a-half weeks before being purged.

During that time documents about unemployed residents that were filed by 1,200 employers were vulnerable, the office says.

IMPACT: Corporate data breach average cost hits $7.2 million

"This information may include names, Social Security Numbers, Employer Identification Numbers, email addresses and residential or business addresses. It is possible that bank information of employers was also transmitted through the virus," according to a statement issued by the office.

The worm, W32.Qakbot, was discovered April 20 on an unspecified number of EOLWD computers, and the agency believed it had removed it from the network that day. It was rediscovered Monday and the office says it is now cleaned from the network.

Meanwhile the state is notifying those whose information may have been stolen.

From a description of how the worm operates, it may have entered via a thumb drive. This from Symantec about the worm: "W32.Qakbot is a worm that spreads through network shares and removable drives. It downloads additional files, steals information, and opens a back door on the compromised computer. The worm also contains rootkit functionality to allow it to hide its presence."

Symantec says the worm can spread via driveby downloads when users visit infected Web sites. Once inside a network, it spreads via network shares and removable drives, the security firm says.

The FBI and state attorney general are investigating, the EOLWD says.

Read more about wide area network in Network World's Wide Area Network section.