Ohio Unemployment Fraud Reporting Site under Attack

As discussed in my recent Linkedin post, the state of Ohio’s COVID-19 fraud reporting website is now under attack from an anonymous hacker.

Under Ohio law, individuals are disqualified from receiving unemployment benefits during the COVID-19 pandemic if they are able to work but refuse job offers or quit their job without good cause. The policy has caused debate because some believe workers are being forced to choose between their livelihoods or health if their employers are not taking enough perceived action to provide a safe workplace.

“It’s a case by case basis, but if you’re just saying ‘I’m afraid of the virus,’ that would not be sufficient. The analysis would need to be that your work environment, the conditions there, are such that you are at risk from a health and safety standard,” said Ohio Department of Jobs and Family Services Director Kimberly Hall in a recent interview regarding the law.

To enforce the law, Ohio launched the Return to Work Dispute Resolution Form for employers to report employees and prevent them from collecting unemployment benefits.

According to VICE news, there is an anonymous hacker that doesn’t like this idea and has taken action against the State. In an effort to sabotage the site, the hacker released a program that inputs fake data into the state website so that state investigators would be swamped with so much data, they won’t know what data is legit versus fake and would make it nearly impossible to deny people their benefits. The program works by submitting information using company names from the top 100 employers from the state of Ohio along with random name and address generators to overwhelm the system with this dummy data.

The anonymous hacker told VICE… “It’s easy enough to go to the page and fill it out, but that wouldn’t amount to enough data to make these particular gears of the state grind to a halt. It needs to be so much data that their ability to investigate these ‘fraud’ cases is hampered.”

The State has since implemented a stronger captcha check, using Google’s re-captcha service, however, the hacker is reportedly tweaking the program in an attempt to work around this.

What are your thoughts?

About Schneider Downs Cybersecurity

The Schneider Downs cybersecurity practice consists of experts in multiple technical domains. Learn more about our cybersecurity firm and services at www.schneiderdowns.com/cybersecurity or contact us at [email protected].

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2022 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on
The pandemic’s impact on contractors’ backlogs
Apache Log4j Vulnerability Update – Remediation Tools and Patches
Apache Log4j Vulnerability Update – CISA Issues Emergency Directive
Apache Log4j Vulnerability Update – Government Responses and Ransomware Activity
HR Management Software Provider Kronos Hit by Ransomware
Apache Log4j Vulnerability Update
Register to receive our weekly newsletter with our most recent columns and insights.
Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us
contact us

This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.