Personal data left unsecure by Texas comptroller's office, exposes data in the millions -- GCN

Click here to receive GCN magazine for FREE!

Texas comptroller exposes personal data on millions

By GCN Staff
Apr 15, 2011

The names, addresses, Social Security numbers and driver's license numbers of millions of Texans, many of them state workers, were left unsecure on a state server for public consumption, writes Paul Roberts on Threadpost.com.

The unencrypted data was left exposed in the office of the Texas Comptroller for more than a year after an agency-to-agency information transfer, State Comptroller Susan Combs said in a statement obtained by Threadpost.

While the glitch appears to be inadvertent, the comptroller said proper procedure was not followed during the data transaction, including having information encrypted and purging the data after the transfer.

About the Author

Connect with the GCN staff on Twitter @GCNtech.

E-Mail this page

Printable Format

LA launches open source business portal09/19/2016
Preventing fraud with IP-based tracking09/16/2016
DHS official: Look beyond November on voting-system security09/21/2016
How DCIM can help with data center optimization goals08/19/2016
San Francisco explores low-cost fiber network expansion08/09/2016
Helping high schoolers connect degrees to dollars07/08/2016
'Honeywords' can dupe password thieves05/08/2013
Is there a uniform way to handle online identities?02/04/2013

inside gcn

Flight data at your fingertips

Reader Comments

Sat, Oct 22, 2011 Tom Event planning jobs

I agree with David, "is there any discussion about a class action lawsuit against the state of Texas for this breach in their security?" It's time to people talk about things that are important.

Tue, Apr 26, 2011 HoustonVictim

Appears Susan Combs lied when the statement said the data was not transmitted properly. It is now coming out in the news that the data was encrypted by other state agencies and her office messed up. DON'T SPREAD THE BLAME WHEN YOU ARE AT FAULT!

Sat, Apr 23, 2011 David Lewisville, TX

is there any discussion about a class action lawsuit against the state of Texas for this breach in their security? 3.5 million people could get their attention.

Thu, Apr 21, 2011 C.Johnson Austin, TX

I work this school district which sent this bogusness out and tried not to take blame(impersonal--non-PII-- information!?!)~~ The following does not affect employees who were hired after January, 2010. It has been discovered that the following information was available to the public until the mistake was discovered on March 3, 2011: • Employee names • Social Security numbers • Addresses • Birthdates Please read below regarding information that was disseminated by the Texas A&M HR Office: Today, we were notified that there was a breach of impersonal information from Employees Retirement System of Texas (ERS), Teacher Retirement System of Texas (TRS) and the Texas Workforce Commission (TWC). The Texas Comptroller’s office is sending letters beginning Wednesday, April 13, to notify those whose personal information was inadvertently disclosed on an agency server that was accessible to the public. You may check to see if you are receiving a notification letter by: Calling this toll-free number: (855) 474-2065 or Writing to this website: http://www.txsafeguard.org TRS members are also urged to check their credit report and bank accounts for any unauthorized activity

Tue, Apr 19, 2011 DEFENDER OF THE FREE WORLD

Until everyone gets serious about guarding PII, this sort of thing is going to keep happening. There should be stiff penalties for when this happens. It is not a surprize, both government and industry have been told to tighen up there IT operations and both are neglecting to do so because of either funding or the will to train personnel properly on management of sensitive data. At least they reported it, how about when an organization does this sort of thing and doesn't report it and people find out after episodes of indentity theft.

Show All Comments