SACRAMENTO, Calif. (CBS13/AP) – Officials say a former California state employee downloaded sensitive personal information on thousands of fellow workers, potentially exposing them to identity theft.
The breach affected employees within the California Department of Fish and Wildlife.
The breach was discovered before Christmas, but wasn’t disclosed to employees until this week.
The California Highway Patrol is investigating. The department says the former employee did not appear to have had malicious intent. It did not say if investigators believe criminals might have accessed the data
The data includes names and Social Security numbers from employees who worked at the department and the California Wildlife Conservation Board in 2007. It included personal information for vendors who worked with the department and board between 2007 and 2010.
NOTICE SENT TO EMPLOYEES DATED FEB. 15, 2018
We are writing to notify you of a recent security incident within the California Department of Fish and Wildlife (CDFW). The incident was discovered on 12/22/2017. A former employee downloaded personally identifiable information to an unencrypted personal device and took the data outside of CDFW’s secure network.
What Information Was Involved?
The data contained first name, last name, and social security numbers and, for a limited number of individuals the data included home addresses. The compromised data were that of individuals in employee records in 2007 with CDFW and the Wildlife Conservation Board (WCB), as well as of vendors or employees with WCB for the period of 2007 through 2010.
What We Are Doing:
We take the security of personally identifiable information very seriously. We promptly notified the California Highway Patrol (CHP), which is investigating the incident. Consistent with Civil Code section 1798.29(c), CDFW did not provide notice until the CHP determined doing so would not impede the criminal investigation. At this time, we have no information to indicate the former employee had any malicious intent.
CDFW regrets that this incident occurred and wants to assure you that we are reviewing and revising our policies, procedures, and practices to minimize the risk of future recurrence.
What You Can Do
We wanted to alert you to the fact that your personal information may have been viewed by an unauthorized person. If you have concerns about any potential harm, please consult the resources below; these websites have helpful information to protect you from potential identify theft, including how to receive a free copy of your credit report either through the Fair Credit Reporting Act or as a result of placing a fraud alert on your credit files:
- California Office of Attorney General http://oag.ca.gov/idtheft
- Social Security Office http://www.ssa.gov/pubs/10064.html
- Free Credit Report https://www.annualcreditreport.com
The three credit bureaus are also a good source of information regarding identity theft:
- Equifax (800) 525-6285 http://www.equifax.com
- Experian (888) 397-3742 http://www.experian.com
- TransUnion (800) 680-7289 http://www.transunion.com
Other Important Information:
For More Information
For more information on identity theft, you may visit the Web site of the California Department of Justice, Privacy Enforcement and Protection at http://www.privacy.ca.gov.
On behalf of the California Department of Fish and Wildlife, we offer our sincerest apology that this unfortunate incident occurred. We assure you that protecting and safeguarding your information is one of our highest priorities. If you have any questions with regard to this matter, please contact:
Deputy Director, Administration
Copyright 2018 The Associated Press.