FRANKFORT, Ky. — Kentucky’s unemployment insurance system comes back online Tuesday morning after the state shut it down for four days in an attempt to combat fraud.


What You Need To Know

  • Kentucky's unemployment insurance system comes back online Tuesday

  • Site was shut down for four days in an attempt to combat fraud

  • General Counsel to Gov. Beshear Amy Cubbage said she thinks the fraud is part of a broader cybercrime scam

  • Cubbage said letters have been sent out to all active unemployment insurance claimants with a new eight-digit pins

Amy Cubbage, general counsel to Gov. Andy Beshear, said this is unlike fraudulent claims the Commonwealth is used to seeing. Instead, she thinks this is part of a broader cybercrime scam that has been hitting other states as well.

“Most of the fraud in the past had been one off kind of fraud where someone files and they lie about why they were discharged,” said Cubbage. “This is organized fraud often by cyber criminals who are located overseas and it includes both the filing of fraudulent claims and is now moving to attempts to break into existing accounts and steal the benefits that are being awarded to proper claimants.”

Kentucky unemployment insurance claimants had been using four-digit pins to access their accounts. However, Cubbage said hackers caught on and employed an automated system to guess those numbers. On Thursday, the state slammed on the brakes, shutting down the front-facing unemployment insurance site for four days to work on a solution.

“We hate that we have to do this, to make things more difficult, but these criminals are relentless. They will not stop,” said Cubbage.

Cubbage said letters have been sent out to all active unemployment insurance claimants with a new eight-digit pin. Starting today, people will need to go online and enter that eight-digit pin to re-register before making a new, 12-character password. That new password will have to use a combination of letters, numbers and characters. There will also be two-step verification now.

“The criminal cyber attacks are massive. Not just here, but all over the United States. They’ve moved from hoping to get lucky to trying to directly steal the money who qualify for and are being paid,” said Beshear. "It is going to require us along with virtually every other state to take significant steps. These are unavoidable steps.”

Once people re-register, they should look on their profile to make sure all of their information is correct. They do not need to file new claims.

It’s unclear how wide the scope of this fraud was, but Cubbage did say Kentucky caught around 200,000 fake claims in February alone.