The most recent instance, originally reported by KCRA-TV, occurred just last month, when California's DHCS (Department of Health Care Services) accidentally published online Social Security numbers and identifying information for some 14,000 Medi-Cal providers. There they remained accessible for nine days, from Nov. 5 through Nov. 14, according to a letter (PDF) from Karen Johnson, chief deputy director for the DHCS.
The SSNs were still retrievable via Google search for at least six more days, according to the letter -- but the department didn't realize it until notified by a provider: "DHCS's IT staff immediately took steps to ensure that any data from the lists was removed from Google and verified the data was not present in other search engines."
While Johnson said in the letter that "the likelihood that the SSNs would have been identified and used by an unauthorized party is not high," the DHCS said it would provide a year's worth of free credit monitoring for affected individuals.
Johnson also noted that the department "has taken immediate action to prevent such errors such as this from occurring" and "our IT staff have implemented additional quality control measures."
Unfortunately, those assurances ring hollow, considering this is the second time this year that California's in-home care providers have seen the state mishandle their data. Per Threatpost, the state's Department of Social Services last May mistakenly mailed an unencrypted microfiche containing 750,000 provider's SSNs and ID numbers to the wrong office. Upon arrival, the microfiche was damaged and information was missing.
This story, "California leaks Social Security numbers for second time this year," was originally published at Infoworld. Get the first word on what the important tech news really means with the GOOGLEFRUIT blog. For the latest developments in business technology news, follow
Googlefruit.blogspot.com
0 comments:
Post a Comment