Military employee "dealt with" for emailing personnel data home

Share this article:

An unidentified Hill Air Force Base employee was looking to work from home, but instead had to be “dealt with” after he emailed personal information on hundreds of colleagues to an unprotected personal email address.

How many victims? 525.

What type of personal information? Names and Social Security numbers, among other data.

What happened? Looking to work from home, the employee emailed the data to an unprotected personal email address.  

What was the response? The Utah base notified the affected employees by letter, suggesting a 90-day fraud alert be placed on each of their credit files. Hill Air Force Base is reviewing its policies to reduce the chances of this happening again. Recurring training will be provided with emphasis on handling personal information.

Details: The employee sent out the email in the beginning of July. A follow-up investigation determined that the information contained within the email had not been used maliciously. The employee's supervisor has “dealt with the violation,” according to a Hill Air Force Base spokesperson. Hill Air Force Base did not respond to a request from SCMagazine.com for more details.

Quote: “While there is no excuse for violating this policy, I do want to assure you this was not a malicious act,” John Cullinane, director of Hill's 75th Force Support Squadron, said in the letter. “At a minimum, we will be providing additional training to personnel to ensure they understand that personally identifiable information must at all times be treated in a manner that preserves and protects the confidentiality of the data.”

Source: standard.net, Standard-Examiner, “Hill employee personal info improperly transmitted,” Aug. 23, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in The Data Breach Blog

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

Cyberswim notifies customers that payment card data may be at risk

Malicious software installed on Sept. 24 may have compromised personal information for visitors that made purchases between May 12 and Aug. 28.

Marquette University notifies graduate applicants of possible breach

Settings for an internal file server were inadvertently modified, making graduate school applications accessible to anyone with Marquette University login credentials.

Physician's email account, accessed by unknown source, contained patient data

UC Davis Health System is notifying 1,326 patients that a physician's work email account was accessed by an unknown source and an email within that account contained their personal or medical information.