Update on State Auditor’s Office efforts regarding data security incident

Feb 25, 2021

OLYMPIA – This week the Office of the Washington State Auditor will begin notifying people whose unemployment benefits claims information may have been affected by a security breach of the Accellion file transfer service.

The notifications will be sent by e-mail during the next two weeks to people who filed an unemployment insurance claim in 2020. The e-mail will contain information about identity theft protection and an individual code for 12 months of free credit monitoring and instructions on how to enroll and request assistance.

The Office will post updated information on its dedicated webpage, sao.wa.gov/breach2021, as this process proceeds.

It is important to note that people should not contact the Employment Security Department about this issue. Support related to the data breach is being offered through SAO and its service providers.

The unemployment benefits claim files of the individuals to receive these notifications may have contained the person's name, social security number, date of birth, street and e-mail addresses, bank account number and bank routing number.

Upon originally learning in mid-January about the incident, SAO immediately took steps to ensure the security of its systems and to work with Accellion to identify the files that may have been affected by the incident. Over the next few weeks, SAO learned that this incident allowed an unauthorized person to gain access to data files stored in SAO's account with Accellion's service.

SAO also engaged a third-party cybersecurity forensics team, and the investigation is ongoing by Accellion, SAO, and law enforcement.

For more information, please visit www.sao.wa.gov/breach2021/.