Document management error exposes data on 187,500 Indiana residents

Share this article:

A contractor serving the Indiana Family and Social Services Administration (FSSA) committed a programming error, which led to private documents being sent to the wrong people.

How many victims? 187,533 clients of the FSSA, which provides food, disability, protection and health care services.

What type of personal information? Names, addresses, phone numbers, email addresses, birth dates, genders, races, benefits, household data, employer data and some financial information, including monthly incomes, expenses and bank balances. Nearly 4,000 of the affected individuals had their Social Security numbers exposed. In addition, some medical information was exposed, such as provider's names.

What happened? A programming error made on a document management system used by RCR Technology Corp. "caused an undetermined number of documents being sent to clients to be duplicated and also inserted with documents sent to other clients."

Details: The error happened on April 6 and involved documents sent between that day and May 21, when the issue was fixed. There's no way of knowing exactly which clients are affected, so the FSSA is notifying everyone who may have been impacted.

What was the response? Victims are being advised to place a 90-day fraud alert on their credit report, a free service.

Source: journalgazette.net, The Journal Gazette, "Verbatim: Thousands contacted about FSSA identity snafu," July, 1, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in The Data Breach Blog

Sign up to our newsletters

POLL

More in The Data Breach Blog

George Mason University travel system targeted for malware attack

The incident could have exposed the names and Social Security numbers of users, although no evidence has surfaced to suggest that's the case.

Central Utah Clinic notifies over 30K patients of potential HIPAA breach

The clinic is warning patients of a potential breach after an unauthorized party accessed a server.

Computer hardware containing patient data stolen from Ohio plastic surgery office

Beachwood-Westlake Plastic Surgery and Medical Spa in Ohio notified more than 6,000 patients that a June burglary resulted in a theft of their personal information.