Back to Data Breach

Data Breach

Maryland Department of Labor exposes information of 78,000 users in a data breach.


On July 5, 2019, the Maryland Department of Labor (DoL) revealed in a press release that its database was accessed by unauthorized users. Sensitive information of around 78,000 customers stored in the department's database was affected in the breach.

Nature of the affected information

The files stored on the Literacy Works Information System (LWIS) and an unemployment insurance service database were compromised. The LWIS files from 2009, 2010, and 2014 contained the first names, last names, Social Security numbers, dates of birth, cities or counties of residence, graduation dates, and record numbers of users. The 2013 unemployment insurance service database contained the first names, last names, and Social Security numbers of users.

What are the investigation's findings?

As soon as the attack was detected, Maryland DoL contacted both law enforcement and the Maryland Department of IT; it also hired an independent cybersecurity expert to assist with the investigations. It was revealed that even though the breach occurred, there is no evidence suggesting that data was downloaded from the databases. With the help of the security team, they reviewed and strengthened the existing security protocols to prevent similar attacks in the future.

What are they doing post-attack?

Maryland DoL is in the process of notifying the affected individuals regarding the breach and advising them to monitor their accounts for any suspicious activity. The affected users will receive two years of free credit monitoring services. 

Maryland DoL is not the first government agency to fall victim to a cybersecuity incident. If you want to avoid cybersecurity disasters like these, investing in a comprehensive SIEM solution like Log360 is key.Download a 30-day, free trial to start combating internal and external security attacks now.

ManageEngine can help by:

  • Alerting security teams in real time about events such as network attacks, unauthorized file or folder access attempts, security group membership changes, and account lockouts.
  • Detecting unauthorized network access attempts with its built-in Structured Threat Information eXpression (STIX/TAXII) feeds processor. Log360 accesses a global IP threat database that can instantly detect known malicious traffic passing through the network and outbound connections to malicious domains and callback servers. Its global IP threat database contains more than 600 million blacklisted IP addresses collected from trusted open-source threat feeds and is updated daily.
  • Uncovering potential insider threats with its  engine that creates a baseline of normal activities specific to each user and notifies security personnel instantly when there's a deviation from this norm. Rather than using static threshold values, Log360 employs a combination of data analytics and machine learning to define dynamic thresholds based on real-world user behavior.
  • Obtaining important forensic information about incidents using the logs, which can be securely archived to help prove adherence to compliance standards, and reduce or eliminate potential legal penalties during investigations.
  • Automatically raising incidents as tickets to specific technicians in ServiceDesk Plus, JIRA, Zendesk, Kayako, or ServiceNow to create an incident resolution process that's swift and accountable.
  • Start a free trial of Log360 to test these features out yourself.


Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.

2022 Zoho Corporation Pvt. Ltd. All rights reserved.