Hillsides worker emails PII to unencrypted address, 1,000 affected
Hillsides child-services and welfare agency in Pasadena, Calif., reported a data breach on December 30 that could impact about 1,000 clients and staff members.
How many victims? 502 Hillsides clients and 486 agency staff members.
What type of information? The information comprised includes names, social security numbers, home addresses and phone numbers for the staffers, while the birth dates, genders, medical identification numbers, therapists' names and rehabilitative therapists' names of clients were also involved.
What happened? The agency said an employee had sent unencrypted Hillsides files to a personal, non-Hillsides controlled email address on five separate occasions between Oct, 10, 2014 and Oct. 19, 2015.
What was the response? The employee has been fired. Hillsides has notified those affected and recommended they check with a credit bureau to ensure their financial details are in order.
Details? Hillsides said it has been unable to recover the files from the employee and does not know if the files have been deleted. The agency stated it has no evidence the data has been misused.
Quote: “We sincerely apologize for the inconvenience and concern these incidents may have caused to our staff and clients, whose privacy is very important to us,“ Hillsides CEO Joseph M. Costa said.. “We will continue to investigate the incident, to reduce harm to potentially affected individuals, and to protect against future similar occurrences.”
Source: Pasadena Star-News