Ohio officials are rethinking the policy of removing unemployment benefits for workers who refuse to work during the COVID-19 ordeal, according to the cleveland.com.
On Friday, VICE reported someone hacked into the state’s unemployment benefits system website. This hack allowed people to send “junk data” to part of the website where employers “can report employees who quit or refuse work when it is available due to COVID-19.”
The code the hacker created automatically generates fake information on a form posted on the Ohio Department of Job and Family Services (ODJFS) website. Once the script for the code became available publicly on social media, a software engineer named David Ankin, VICE reported, altered the script to allow anyone to constantly submit fake data to the website as the script ran in their computer’s background.
VICE did not say if the anonymous hacker and Ankin knew each other, but the software engineer did tell the news outlet, “If you get several hundred people to do this, it’s pretty hard to keep your data clean unless you have data scientists on staff.”
According to a LinkedIn profile believed to belong to the technology expert, Ankin is listed as a programmer for MK Elections – a company that provides election services to labor unions, Indian nations, and public sector entities, among other organizations and interests.
On a Facebook account that appears to be for Ankin’s personal use, he recently posted “F**K OHIO” with a link to Ohio’s unemployment website that was hacked last week. Other posts on the account reflect leftist views and support for former presidential candidate Bernie Sanders (I-VT).
The point of the attack, VICE said, was to “overwhelm” Ohio’s unemployment system so it would be difficult for Ohio to handle legitimate submissions.
“It’s easy enough to go to the page and fill it out, but that wouldn’t amount to enough data to make these particular gears of the state grind to a halt,” the anonymous hacker told VICE. “It needs to be so much data that their ability to investigate these ‘fraud’ cases is hampered.”
Even though the code successfully ran through the state’s unemployment website, none of the false forms resulted in actionable claims, spokesman Bret Crow told cleveland.com.
“As a result of this incident, ODJFS implemented additional security measures to address this issue,” he said in an email. “This attack is considered a distributed denial-of-service attack, one that attempts to disrupt traffic of a targeted network. Based on the form generation and validation process, this attack was a low risk to disrupt traffic. No false claims were processed by ODJFS.”
“We continue to encourage employers to engage in dialogue with an employee who expresses reluctance to return to work about the measures that employers are taking to help employees feel safe,” the spokesman added.
Throughout the coronavirus pandemic, jobless claims have flooded the ODJFS. As of last week, around half of the 1.1 million people who filed jobless claims had received their benefits.
– – –
Zachery Schmidt is the digital editor of Star News Digital Media. If you have any tips, email Zachery at [email protected]