|
crkatk: Beware!: State agency warns of security breach |
|
|
State agency warns of security breach
By Ina Fried
CNET News.com
February 13, 2004, 10:06 AM PT
Some California workers may have had their salaries and other personal information compromised after someone gained unauthorized access to a state agency's computer.
The California Employment Development Department has begun warning some current and former household workers that their information may have been accessed by an intruder, CNET News.com has learned. The agency sent a letter, dated Feb. 11, notifying people of the breach and offering information about how to reduce the risk of identity theft.
Approximately 55,000 employees were affected, EDD spokesman Kevin Callori said in an interview. The agency said the database in question contained names, Social Security numbers and wages.
At this time we do not know the intent of the intruder or whether your personal information was accessed, Dale Morgan, chief information security officer of the EDD, said in the letter, which was obtained by CNET News.com.
An internal EDD review of the incident found that a source outside of EDD gained access to a computer system containing personal information about you, he added.
Morgan said that the unauthorized access is being investigated by the computer crimes unit of the California Highway Patrol.
The EDD regrets that this incident occurred and assures you that we are working with law enforcement to protect against further incidents of this kind, the letter said.
Callori said that the breach, which was detected on Jan. 20, was limited to a single server containing information about household workers.
There is no evidence they accessed personal information, he said. Apparently, they were using the server to send out spam.
However, because investigators could not rule out the possibility the information was accessed, the agency needed to notify people, he said.
California implemented a law last year requiring businesses and government agencies to reveal if a database containing private information has been compromised.
The server in question, Callori said, was not using Microsoft's Windows operating system, while most other EDD servers are Windows-based. Apparently this is a nonstandard (server) unique to this application, he said.
In December, portions of the LocatePlus database used by law enforcement and credit agencies was briefly made accessible via the Internet.
Identity theft has been a growing concern in recent years, with analyst firm Gartner estimating last year that 3.4 percent of Americans--or more than 7 million people--had their personal information compromised within the past 12 months.
More at ZDNet
|
|
|
|
Posted on Friday, 13 February 2004 @ 18:27:42 EST by phoenix22
|
|
|
|
|
Login |
|
|
|
|
|
· New User? ·
Click here to create a registered account.
|
|
|
Article Rating |
|
|
|
|
|
Average Score: 0
Votes: 0
|
|
|