More PA unemployment fraud victims come forward, state announces changes

PENNSYLVANIA — 11 Investigates was contacted by more than 70 unemployment recipients in just the past week, following our reports on a growing number of issues with the Pennsylvania Unemployment Compensation system.

Claimants are frustrated with the state because they can’t get answers about delays in payments and hacks into their accounts.

Another hacking victim

Michele, who asked us not to use her last name, receives Pennsylvania unemployment benefits, but her last three payments were not deposited into her account.

“It said as of Dec. 20 the account is under audit, but there was no explanation whatsoever,” Michele said.

She contacted 11 Investigates after seeing our story on PA unemployment system fraud last week. She was stunned to see the same thing that happened to Ryan in our report happened to her as well.

“It struck me that I was not an isolated event, that this was a pervasive issue,” she said.

Ryan sent us screen shots of his account showing that on Nov. 28, someone using the name Pat McDermott changed his payment type from debit card to direct deposit in a Wells Fargo bank account. Ryan doesn’t have a Wells Fargo account. It was a hack.

Turns out, the exact same thing happened to Michele.

“The payments were routed to Wells Fargo in the name of Pat McDermott,” she said. “It’s unbelievable it was a broad-based hack and it should have been prevented.”

Tuesday night, Michele got an email from Pennsylvania state treasury confirming the breach. The email from an administrative assistant said, “There was a fraud account with WELLS FARGO submitted to your profile which terminated the direct deposit on file.”

11 Investigates contacted Wells Fargo to ask about the fraudulent accounts and received this statement from a spokesperson:

Security is at the heart of everything we do at Wells Fargo and the security of our customer’s account is important. We do not discuss our security procedures in detail to protect its integrity and effectiveness. However, it’s important to note that when we become aware of an issue, we work directly with our customers to assist them. We are happy to assist customers who have concerns about any possible security issues and encourage them to contact us.-- James Baum, Wells Fargo

No state notification of breach

Michele is upset because more than three weeks passed without any notification from the Department of Labor and Industry about the breach, even after she repeatedly called to try and get answers.

“I received no correspondence related to that account change. I was shocked, and then, when I tried to contact them, I made numerous calls to the fraud hotline and the message said ‘Call center full. Call back later.’ And the phone call cut,” she explained.

Out of the more than 70 emails 11 Investigates received about unemployment issues since our story with Ryan, more than a dozen people told us they also had their account payment information changed to a Wells Fargo account.

Pete Smock told us he was “another one of those Wells Fargo people.” His wife saw our unemployment fraud story and that’s when he checked his account and discovered the same thing happened to him.

“Same date, the same name, same bank, crazy” he said, shaking his head. “Why couldn’t they (the state) just have told me, rather than me find out from you that hey, something’s wrong here,” Smock said.

Trying to get answers

We’ve been asking the state for answers about the suspected breach since last week. Finally, late Tuesday, a spokesperson from the Department of Labor and Industry sent an email saying:

The Department of Labor & Industry (L&I) has detected an escalation in fraudsters’ attempts to steal unemployment compensation benefits through increasingly aggressive and sophisticated schemes. In collaboration with the appropriate partners, we are actively gathering information to better understand this escalation in fraudulent activity and planning to implement additional security features in the near future.

By Wednesday morning, L & I put out a press release publicly addressing the fraud issue.

“L&I takes seriously its responsibility to safeguard taxpayer dollars and individuals’ personal data. We will continue these efforts aggressively and transparently,” Secretary Berrier said.

L & I also announced it would also add a multi-factor authentication process to add an extra layer of protection for claimants. 11 Investigates followed up to find out when that extra measure would be added and have yet to receive a response to that question.

Concerns about identity theft

Michele called the state’s announcement “too little, too late,” since her account is already hacked.

“That should have been done at the front end before this (the new system) was rolled out,” she said.

In June, the state launched a $35 million upgrade to its computer system, which was supposed to help improve a massive backlog in claims, but problems have continued.

Victims of this latest breach tell 11 Investigates they believe the state had an obligation to notify them directly that their personal information was compromised and they say not doing that was irresponsible.

“My concern is that these thieves stole additional information that they hacked from the unemployment system and possibly conducted other criminal activities in my name,” Michele said.

“What’s the big secret,” Pete asked. “Do I have to worry about the rest of my financials getting attacked now? How do I know?”

11 Investigates asked the state why all individuals who experienced a possible breach were not notified, but the spokesperson from L & I ignored that question. We have followed up and hope to get an answer.

Advice if you suspect fraud

The Department of Labor and Industry provided the following information for unemployment recipients who suspect fraud on their accounts:

L&I encourages individuals to remain vigilant about guarding their personal and confidential information and to monitor for signs that their information is being used fraudulently. Signs of fraud include:

  • Individuals receiving unrequested unemployment paperwork from L&I’s Office of Unemployment Compensation.
  • Individuals receiving unemployment benefit payments they did not apply for from the Pennsylvania Treasury.
  • Employers receiving notice that a claim has been opened for a current employee who is actively working, or an unknown person.

Report Fraud


  • Individuals can report suspected unemployment fraud by visiting the UC Benefits website and clicking “Report Fraud” at the bottom of the page to complete and submit the Identity Theft Form. Do not log in.
  • Employers should indicate the claim is fraudulent in their response to the Notice of Claim Filed.
  • To report identity theft fraud related to the federal Pandemic Unemployment Assistance (PUA) program, please click here.

To report fraud by phone, call the PA Fraud Hotline at 1-800-692-7469.

L&I recommends that individuals who suspect they are the victims of identity theft file a police report with local law enforcement and provide a copy of the police report to the Office of Unemployment Compensation.

The U.S. Department of Labor recommends that victims of identity theft should also report their information to the National Center for Disaster Fraud. Victims should also consider starting a recovery plan with the Federal Trade Commission.