Employees Personal Information Exposed In Department of Consumer Affairs Email Incident
A security breach discovered on Monday, June 9, compromised names and social security numbers of 5,000 employees, contractors and board members in state Department of Consumer Affairs (DCA). About 2,800 of the people on the list are current, full-time employees of the DCA.
The breach occurred on June 5 or 6 when a Microsoft Word document was improperly transmitted electronically outside of the department, said DCA spokesman Russ Heimerich. The document also contained the salaries and titles of everyone on the list, but Heimerich noted that this was public information. Some of the names were employees and board members of the 56 professional boards and bureaus administered by the DCA, such as the Bureau of Automotive Repair and the Medical Board. The document also included some former employees and numerous contractors, such as people who proctor state job examinations.
The main danger with giving away a social security number is that it can be used to set up new credit cards, loans or purchases in someone’s name. However, a thief would generally need other information that was not included and could be harder to get, such as addresses, phone numbers and driver’s license numbers. This kind of information is very easy to obtain though.
The DCA is the main state agency charged with protecting consumers in California. From 2003 to 2007, it also housed the office charged with educating consumers and businesses about identity theft and fraud.
The incident is still being investigated, and it can not be disclosed who had received the document. So far there is no evidence that any information has been used. It was not even clear the recipient had opened the document.
The state Department of Consumer Affairs (DCA) has sent warning letters to all 5,000 affected. The DCA will pay for a year of free credit reports and provide fraud insurance of up to $25,000 for everyone on the list. The DCA had not yet determined how much these protections were going to cost.
Anyone concerned about identity theft can visit http://www.privacy.ca.gov/, for more information on how to protect themselves.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.