Military employee "dealt with" for emailing personnel data home

Share this article:

An unidentified Hill Air Force Base employee was looking to work from home, but instead had to be “dealt with” after he emailed personal information on hundreds of colleagues to an unprotected personal email address.

How many victims? 525.

What type of personal information? Names and Social Security numbers, among other data.

What happened? Looking to work from home, the employee emailed the data to an unprotected personal email address.  

What was the response? The Utah base notified the affected employees by letter, suggesting a 90-day fraud alert be placed on each of their credit files. Hill Air Force Base is reviewing its policies to reduce the chances of this happening again. Recurring training will be provided with emphasis on handling personal information.

Details: The employee sent out the email in the beginning of July. A follow-up investigation determined that the information contained within the email had not been used maliciously. The employee's supervisor has “dealt with the violation,” according to a Hill Air Force Base spokesperson. Hill Air Force Base did not respond to a request from SCMagazine.com for more details.

Quote: “While there is no excuse for violating this policy, I do want to assure you this was not a malicious act,” John Cullinane, director of Hill's 75th Force Support Squadron, said in the letter. “At a minimum, we will be providing additional training to personnel to ensure they understand that personally identifiable information must at all times be treated in a manner that preserves and protects the confidentiality of the data.”

Source: standard.net, Standard-Examiner, “Hill employee personal info improperly transmitted,” Aug. 23, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in The Data Breach Blog

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.

Fidelity National Financial employees targeted in phishing attack

Data is at risk after the email accounts of a small number of employees with Fidelity National Financial were compromised in a targeted phishing attack.