Posts Tagged ‘Teacher Retirement System’
We will keep you safe!
Following last week’s massive Epsilon e-mail breach, it feels as if all of us suddenly have a little too much personal information floating around online. And now, a large group of Texans are about to have it a lot worse: the state revealed Monday that personal information for 3.5 million citizens has been exposed to the public, including names, addresses, Social Security numbers, and more.
According to Texas State Comptroller Susan Combs, the data wasn’t exposed by a hacker or a group of vigilante scriptkiddies—it ended up on a state-controlled public server after having been passed around between various state agencies. The data came from the Teacher Retirement System of Texas, the Texas Workforce Commission, and the Employees Retirement System of Texas, all of whom transferred the unencrypted data (against state policy) between January and May of 2010. The information was only discovered on the public server on March 31, 2011, meaning it has been available for almost a year.
… In addition to the aforementioned personal information, Combs said that other data, like date of birth and driver’s license numbers had been exposed “to varying degrees.” Additionally, “all the numbers were embedded in a chain of numbers and not in separate fields”—good if only lazy “hackers” accessed the file, but bad because it ensures that the appropriate data is matched with other data from the same person.
Combs emphasized that numerous internal procedures were not followed, and that her office had been in contact with the Texas Attorney General in order to conduct an investigation into the exposure…
If it’s like most investigations of this type, some poor file clerk will be blamed and walloped.
Unfortunately for those whose data was exposed by the state of Texas, it won’t just be a matter of beefing up their spam filters or making sure not to click links from unverified parties. The comptroller’s office advises that affected individuals should put a fraud alert on their profiles with all the major credit reporting agencies and to carefully monitor all of their accounts for cases of identity theft…Texans whose data was exposed will be notified by letter, or they can call (855) 474-2065 starting April 12 to find out early.
That should make everyone feel all toasty and safe again. The Texas government is on the job.