Labor secretary: Busting tall tales of hacking in unemployment system | Commentary
We recently learned the results of an independent audit that reviewed the Kansas Department of Labor’s security infrastructure and improper payments, including fraudulent claims, during the COVID-19 pandemic.
The reports found that the estimated amount of fraud paid out was less than half of what the Legislature’s previous internal audit showed – and the audit also found no evidence of a data breach within KDOL’s systems.
Unfortunately, that’s not the narrative some politicians are pushing Kansans to hear. Instead, these partisan operatives, unhappy with the audit’s findings, have been orchestrating a steady stream of misinformation about what occurred during the pandemic, what that means for Kansans, and why we got into this situation in the first place.
As secretary of labor, it is my duty to address these false claims head-on.
Was KDOL “seriously hacked?” No. While it is true that Kansans’ information was used by both domestic and international bad actors to file fraudulent claims, more than 35 audits have found no evidence that there was a breach of KDOL’s systems.
Was Kansas unique in experiencing unemployment fraud? Absolutely not. In fact, what sets Kansas apart is how little we ultimately paid out compared to other states. The fraudulent claim attempts across the nation, like the ones we saw in Kansas, were driven by personal information disclosed through previous large breaches like the one that Equifax experienced in 2017.
Organized criminal rings took advantage of this easily available information — leading the U.S. Department of Labor inspector general to now estimate that $163 billion was paid out in fraud nationwide during the pandemic. You’d expect that, based on Kansas’ share of the population, we would have paid out nearly $1.44 billion – yet this audit and all others have found we paid a fraction of that number.
Does KDOL provide free credit monitoring services? In the rare cases where someone’s personal information is inadvertently shared with someone else by KDOL, the agency has a long-standing policy of alerting those individuals and offering them credit monitoring services. We will continue to provide this service for any Kansan whose information has been compromised by our systems or processes.
How did we get into this situation? Kansas’ unemployment insurance benefits computer systems were created in the 1970s, around the same time as Pong, digital watches, and the original Atari. Fifty years is essentially fifty centuries when it comes to technology, which is why KDOL began the process to modernize its computer systems in 2005. Unfortunately, those efforts were irresponsibly abandoned in 2011 by Gov. Sam Brownback.
That shortsighted decision directly led to problems implementing the new pandemic unemployment programs and created unnecessary delays in paying legitimate claims. This decision also made the fraud situation worse at every level, including most notably delaying the deployment of a key identity verification system in early 2021.
What is the Kelly administration doing to ensure KDOL is better prepared moving forward? Gov. Kelly ordered the agency to restart the necessary work of updating our systems, prior to the pandemic, so Kansans could receive the benefits they are entitled to without interruption. In June, we formally kicked off the massive effort to finally modernize KDOL’s computer systems. Gov. Kelly even went the extra mile by calling on the U.S. Secretary of Labor to provide additional funding to expedite our efforts.
The independent audit, like many before it, did not provide any evidence that KDOL’s system was hacked. Like most audits, it did provide recommendations to further improve the security of the system that we’re implementing. The new system will improve the online customer service experience and build a system capable of supporting Kansans while establishing safeguards to prevent advanced cybersecurity threats.
I want to acknowledge that KDOL struggled during the pandemic, along with many other states. But the fear mongering about unproven hacks is preventing Kansans from knowing the truth of why things went off course. We continue to make strides to turn the ship and are committed to our modernization efforts so this never happens again.
Amber Shultz is the Kansas Secretary of Labor.
