http://www.delawareonline.com/article/20100831/NEWS02/8310324/State+retiree+data+breached By J.L. MILLER The News Journal August 31, 2010 DOVER -- In a data breach that one security expert said could be worth millions of dollars to scam artists, Aon Consulting, the state's benefits consultant, inadvertently posted personal information of about 22,000 state retirees on the Web, potentially exposing them to identity theft for the rest of their lives. The information appeared on the state's procurement website from Aug. 16 to Aug. 20, and included the retirees' Social Security numbers, dates of birth and gender. Their names were not included. The company said it accidentally included the personal information in a request for proposals it had prepared to solicit bids from insurance companies interested in providing vision coverage to state employees and retirees. Insurers need age and other information on the pool of people to be covered in order to prepare a bid, Aon Consulting spokesman Joe Micucci said Monday. He said that is normally done by using a random series of digits assigned to individuals to shield their identity, not their Social Security numbers. However, "the information that should have been randomized was not," Micucci said. [...] _______________________________________________________ Subscribe to InfoSec News - www.infosecnews.org http://www.infosecnews.org/mailman/listinfo/isnReceived on Tue Aug 31 2010 - 23:42:28 PDT
This archive was generated by hypermail 2.2.0 : Tue Aug 31 2010 - 23:45:28 PDT