3.2 Million Social Security Numbers Accidentally Leaked

From time to time, I post articles related to data security. Ken Pope does a nice job keeping up with these. Why post these? Because data security is entirely relevant to any one using their health insurance to pay for psychotherapy. Health insurance companies are in the process of digitizing all their information as it is highly convenient. Unfortunately, it also means the information can be easily disseminated, either by negligence or theft.

Here’s the article, as excerpted by Dr. Pope:

Computerworld released an article: “Texas fires two tech chiefs over breach; Data of 3.2M people was inadvertently posted on a publicly
accessible Web site” by Jaikumar Vijayan.

Here are some excerpts:

[begin excerpts]

The Texas State Comptroller’s office has fired its heads of information security and of innovation and technology following an inadvertent data
leak that exposed Social Security numbers and other personal information on over 3.2 million people in the state.


The measures come in the wake of a recent disclosure by Combs’ office that Social Security numbers, driver’s license numbers, and names and
addresses of more than 3.2 million Texans were inadvertently posted on a publicly accessible Web site for nearly a year.


The exposed data was contained in three files that were transferred to the comptroller’s office from the Teacher Retirement System of Texas
(TRS), the Texas Workforce Commission and the Employees Retirement System of Texas (ERS).


However, the data was transferred in an unencrypted manner to the Comptroller.

To compound the mistake, personnel in Combs’ office then put the information onto a server that was accessible to the public and left it
there for an extended period, without purging it as required, the statement said.


“Unfortunately, the Attorney General’s Office has learned that Texans affected by the Internet security breach may now be the targets of a new
telephone scam,” Abbott said.

He asked affected victims to be extra vigilant against fraud.

Abbott’s office is currently conducting an investigation into the breach.

The sheer number of records that were exposed by the comptroller’s office makes this the largest breach involving Social Security numbers
and other personal data, this year.

[end excerpts]