City of Indianapolis posts personal information on website
A spreadsheet containing personal information of people charged with minor drug and alcohol offenses in Indianapolis in 2006 and 2007 was posted to the city’s website for 11 days.How many victims? 3,300.
What type of personal information? Names, Social Security numbers and dates of birth.
What happened? The spreadsheet was posted late September until Oct. 9. The breach was the result of a human error, according to Kevin Ortell, interim chief information officer for the city of Indianapolis.
What was the response? The spreadsheet was taken offline; the city’s website was also taken down and replaced with an older version of the site. Notification letters were sent to affected individuals, along with information about identity theft. The city also notified law enforcement and set up a hotline to answer questions.
Quote: "ISA took aggressive action to correct the problem, to notify the affected individuals and to prevent this type of disclosure from happening again," Ortell said in a news release.
Source: Indystar.com, The Indianapolis Star, Ind., “Personal data put on city Web site”, Oct. 16, 2008.
