[ISN] Data security breach at INDOT

From: InfoSec News (alerts@private)
Date: Sun Jan 28 2007 - 23:17:22 PST


http://www.indystar.com/apps/pbcs.dll/article?AID=/20070126/LOCAL/701260542

By Theodore Kim
theodore.kim (at) indystar.com
January 26, 2007

The names and Social Security numbers of about 4,000 employees at the 
Indiana Department of Transportation late last year were inadvertently 
left on a computer server accessible to all agency employees and some 
private contractors, officials announced today.
	
Andy Dietrick, an agency spokesman, said there is no evidence any fraud 
occurred. Even so, INDOT Commissioner Karl B. Browning today sent each 
employee a letter informing them of the situation and encouraging them 
to keep tabs on their credit standings and financial accounts.

The file containing the information remained posted on the server 
between September and December. The file was accessible to any INDOT 
employee with computer access and a few private contractors, Dietrick 
said.

"This appears to be not malicious, but rather a case of someone 
inadvertently dragging a file to the wrong place," he said.


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Sun Jan 28 2007 - 23:21:24 PST