Daily cyber threats and internet security news: network security, online safety and latest security alerts
June 24th, 2008

Employees Personal Information Exposed In Department of Consumer Affairs Email Incident

A security breach discovered on Monday, June 9, compromised names and social security numbers of 5,000 employees, contractors and board members in state Department of Consumer Affairs (DCA). About 2,800 of the people on the list are current, full-time employees of the DCA.

The breach occurred on June 5 or 6 when a Microsoft Word document was improperly transmitted electronically outside of the department, said DCA spokesman Russ Heimerich. The document also contained the salaries and titles of everyone on the list, but Heimerich noted that this was public information. Some of the names were employees and board members of the 56 professional boards and bureaus administered by the DCA, such as the Bureau of Automotive Repair and the Medical Board. The document also included some former employees and numerous contractors, such as people who proctor state job examinations.

The main danger with giving away a social security number is that it can be used to set up new credit cards, loans or purchases in someone’s name. However, a thief would generally need other information that was not included and could be harder to get, such as addresses, phone numbers and driver’s license numbers. This kind of information is very easy to obtain though.

The DCA is the main state agency charged with protecting consumers in California. From 2003 to 2007, it also housed the office charged with educating consumers and businesses about identity theft and fraud.

The incident is still being investigated, and it can not be disclosed who had received the document. So far there is no evidence that any information has been used. It was not even clear the recipient had opened the document.

The state Department of Consumer Affairs (DCA) has sent warning letters to all 5,000 affected. The DCA will pay for a year of free credit reports and provide fraud insurance of up to $25,000 for everyone on the list. The DCA had not yet determined how much these protections were going to cost.

Anyone concerned about identity theft can visit, for more information on how to protect themselves.

Share this item with others:

More on CyberInsecure:
  • A Mistake At The University of Toledo Exposes 6500 Employees
  • Hackers Broke Into Federal Aviation Administration’s Computer System
  • Personal Records Stolen In Georgia Department
  • File Sharing Program Exposes Prince William County Public School Private Records
  • US Government Agencies Travel Reservations Website Compromised By Hackers

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Employees Personal Information Exposed In Department of Consumer Affairs Email Incident

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.