qondio.com/61RC PRINT EMAIL
SHA Personal Information Exposed Accidentally BALTIMORE -- Sensitive personal information concerning 1,800 State Highway Administration employees, including names and Social Security numbers, was compromised last week, officials said “We had an incident where an employee transferred personnel transaction data from a secure drive to a SHA shared drive,” said SHA Deputy Administrator of Finance and I.T. Normetha Goodrum. An internal investigation found that the breach was done inadvertently and not with criminal intent. SHA said it is currently redacting Social Security numbers and will no longer keep them in personnel files. They said that personnel information will be password protected. Officials said they’re still checking to see if the information has gone beyond the agency, but said they don’t believe so. They sent letters and e-mails to those potentially impacted, including SHA field workers and former employees. Computer security expert Avi Rubin of Johns Hopkins University said he considers the internal data compromise serious and preventable. “I think it is even more important for organizations to look into encryption solutions so that when these things occur, somebody can only find encrypted data and it won't do them any good,” he said. Security breaches of computer data have become a growing problem. State law mandates that businesses keep consumer data and report when it’s lost or stolen. The state attorney general’s office keeps track of them. So far this year, 64 companies have reported security breaches, officials said. They said that hackers sometimes get it, and in some cases, it’s stolen out of employees’ homes, cars or lockers. “They can open bank accounts, take out a mortgages, establish a line of credit all in your name, then skip town,” Rubin said. “We are taking it seriously, and we want to take every measure possible so that it does not happen again,” Goodrum said. Computer experts said they are amazed that companies rarely do security sweeps or preventive maintenance. Rubin said that most react only after their information is compromised or breached.

Contributed by dropstarz on April 29, 2008, at 10:12 PM UTC.

Reactions

No reactions yet.

Rate This Intel

Please login or sign up to rate this intel.

Comments

Please login or sign up to add a comment.

Share

Copyright Notice

The copyright for this content entitled "SHA Personal Information Exposed Accidentally" has been specified by the contributor as:

All Rights Reserved

This content may not be copied, distributed or adapted by anyone under any circumstances.

Login Here with Any Email Address Any Password Remember login No account? Sign up.

Intel Contributor

This intel was contributed by dropstarz

Qondio Archive

May, 2012 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 2008 January, February, March, April, May, June, July, August, September, October, November, December 2009 January, February, March, April, May, June, July, August, September, October, November, December 2010 January, February, March, April, May, June, July, August, September, October, November, December 2011 January, February, March, April, May, June, July, August, September, October, November, December 2012 January, February, March, April, May

Sign Up

Not a member yet? Qondio is a powerful network for making it online. If you have a website to promote, we can help. Sign up and get in on the action.

About Qondio

Welcome to Qondio! Discover the awesome power this network can deliver by going to our About page. Or you could skip straight to the Sign Up form.