LANSING, Mich. (WJBK) - Officials in Michigan says a potential release of private information from unemployment system may affect up to 1.9 million people.
A software update implemented in October 2016 that was provided and performed by a third-party vendor supporting the unemployment benefits computer system introduced a vulnerability that allowed authorized users of the Michigan Data Automated System (MiDAS) to access Social Security numbers and names they were not authorized to view.
Officials say the authorized users who may have had access only include employers and other human resources professionals -- not those who claim unemployement or anyone in the general public.
The problem was identified on Jan. 31, and a fix to block further unauthorized access was implemented the same day.
An investigation is ongoing by the Michigan State Police Cyber Command Center to determine how many were exposed to a release of personal information. If a compromise of data is confirmed, all will be notified immediately.
The sensitive information potentially exposed includes first and last names, Social Security numbers and wage information. No other personal information, such as birthdates or home addresses, was involved.
As many as 1.87 million people in Michigan may be affected, but the total amount will not be known until the investigation is complete. People potentially at risk include those whose payroll is processed by one of 31 third-party vendors that works with the Unemployment Insurance Agency.
Officials say, at this time, there's no indication this personally identifiable information has been or will be used maliciously.