The state's interactive MinnesotaWorks.net jobs board was hacked this week, prompting Minnesota's employment officials to warn job seekers their personal information may have been obtained by unauthorized users.
It is not clear how many people had their information hacked.
In a note to job seekers this week, state officials confirmed receiving reports of "suspicious communications" from individuals claiming to be representatives of an approved employer on the state's MinnesotaWorks.net website.
When the state contacted the employer, it confirmed that the individual or individuals were not employees.
There are no signs the stolen information has been misused to date, Minnesota Department of Employment and Economic Development (DEED) officials said.
"A recent data security incident may have resulted in unauthorized access of jobseekers' contact information such as physical addresses, email addresses and phone numbers," they said in a statement.
DEED said it immediately revoked the hacker's access to the website and notified an undisclosed number of job seekers about the incident. DEED also issued advice on what steps website users could take to protect their personal information and prevent identity theft.
In its letter to people who use the website to apply for jobs, DEED said the hackers might ask for additional private information and advised that people not respond to those communications.
"If you receive any suspicious request for private information about yourself, please remain careful about what information you share," the letter said.
People affected by the data breach or who have questions can contact the state at CareerForce@state.mn.us.
Those impacted by the data breach are also instructed to regularly check their credit reports, which are kept by the three consumer-credit reporting agencies. Copies may be obtained by contacting www.annualcreditreport.com or by calling 1-877-322-8228.
DEED suggested job seekers look for any unfamiliar transactions or accounts on the reports. Oddities or violations can be reported by calling the phone number listed on the credit report or by contacting the Federal Trade Commission at www.consumer.gov/idtheft.
DEED said it is working to improve how it verifies employer representatives on MinnesotaWorks.net and is working on security technology upgrades and other precautions "to prevent future data incidents."
The DEED jobs board breach is the latest of many cyber attacks to hit the state.
The Minnesota Department of Information Technology received 1,006 incident reports last year, said spokesperson Kendall Johnson.
This year hasn't been better.
In May, hackers breached databases within the Minnesota Department of Education as part of a global cyber-security attack involving the global MOVEit software that is regularly used by businesses and government agencies.
In July, hackers breached the University of Minnesota's databases to illegally access roughly 7 million social security numbers dating back to the 1980s.
The Minneapolis Public Schools system was hit by a massive cyber attack in February. Last week, St. Paul Public Schools announced a similar massive data breach that affects thousands of individuals and appears to date back to February.
Minnesota and local governments are increasingly teaming up with the Federal Bureau of Investigation and the Federal Trade Commission to investigate hacking incidents and alert the public to beware of nefarious emails and phishing scams that get unsuspecting users to download viruses onto computers.
This year, $23.5 million in federal and state funds will be injected into state agencies, school districts and local governments to help them beef up cyber security software and threat detection solutions, Johnson said.
"The threat definitely continues to evolve and so our cyber security has to evolve too. Hackers are constantly looking for new people and new groups to target and new ways to target things," she said. "So we have to stay a step ahead of that to prevent and to lessen the impact of these events."
