TALLAHASSEE — When the pandemic hit last year, Florida’s unemployment system was in turmoil, with Floridians spending hours on hold with call centers and waiting weeks or months to receive benefits.
Sixteen months later, Floridians using CONNECT are facing some of the same problems — but cyberattacks, not the pandemic, are to blame, the state says.
At least 58,000 applicants had their personal information, including Social Security numbers and bank information, stolen during a data breach, and some haven’t been able to get benefits since.
Thousands of others have been locked out of their accounts, the result, the state says, of “bad actors” trying to log in.
And the state’s fraud-prevention measures have contributed to a recent drop in the number of first-time state unemployment claims being paid out on time, the state says.
“I really thought things were going to get better,” said Vanessa Brito, a Miami activist who has helped thousands of Floridians file their jobless claims. “They’re getting worse.”
Even Floridians who were spared the headaches last year have found themselves suddenly unable to claim benefits.
“I was one of the lucky ones. I really haven’t had issues like this,” said Dana Priest, 50, a single mother from Rockledge who filed for benefits after the pandemic hit.
About five weeks ago, she was told that she was one of thousands of Floridians whose information was stolen by hackers. Her account was locked, and she hasn’t been able to get back into CONNECT to claim her benefits. She hasn’t been able to get through on the state’s call center, either.
“I can’t get ahold of anybody to talk about it,” she said.
Cyberattacks are causing many of the problems Floridians are experiencing, according to the Florida Department of Economic Opportunity, which operates the state’s unemployment system.
In addition to the data breach, which required recipients to send information verifying their identities again, attackers have been trying daily to log in to recipients’ accounts, they said. That has caused recipients’ PINs to have to be reset, forcing recipients to take additional steps to log in to their accounts.
“The bad guys are trying every avenue to get in, and it’s not fair to anybody,” said department spokesperson Emilie Oglesby.
The department said it has reduced the number of fraudulent log-in attempts by 98 percent between July 8 and Aug. 12. It’s blocking fraud-related IP addresses and bad actors’ phone numbers from reaching call centers. It’s working to introduce multi-factor authentication for users as well.
Fraud-prevention measures have contributed to a recent decline in the state’s promptness paying out first-time claims, one of the measures tracked by the U.S. Department of Labor. Early in the pandemic, the state was paying out just 22 percent of first-time state unemployment claims within 21 days, the federal standard for timeliness.
As CONNECT slowly improved, the rate rose to 90 percent in February, higher than the state’s pre-pandemic rate. Since then, it has dropped to 66 percent, federal data show, even though the number of claims during that period has fallen from about 52,000 to 15,000.
Oglesby said those figures reflect a small fraction of the claims the state handles. More than 90 percent of claims are for federal, not state, benefits, she said, and the average time for recipients to receive their first claim for either state or federal benefits is 19 days.
Katrina Quinn, a travel agent from Orlando, was notified she was one of the victims of this year’s data breach. Like Priest, she was one of the few people last year who had no problems filing a claim last year.
But for the past five weeks, she’s been locked out of the system and unable to receive a dime.
“I just have to wait until somebody gets to my name” to fix it, Quinn, 60, said. “Until it happens to you, you don’t know how frustrating it is.”