US Airways employees notified of potential data compromise

Share this article:
Payroll vendor ADP inadvertently made personal information visible to fellow airline staffers.
Payroll vendor ADP inadvertently made personal information visible to fellow airline staffers.

Letters have been mailed to US Airways employees after payroll vendor Automatic Data Processing (ADP) inadvertently made personal information visible to fellow airline staffers.  

How many victims? Unknown, but US Airways employs roughly 40,000 workers.

What type of personal information? Names, Social Security numbers and total taxable W-2 wages for the tax years 2010, 2011 and 2012.

What happened? A programming error in the ADP system made it possible for certain other US Airways employees to download personal information belonging to their colleagues.

What was the response? The airline hired an outside law firm to conduct an investigation and notified appropriate government agencies. ADP is offering a free year of identity protection services. US Airways recommends frequent reviewing of account statements.

Details: ADP informed US Airways in early June of the programming error, explaining it had been corrected in early May. The airline sent a letter home to employees in mid-July and, wanting to protect its employees, the letter did not reveal specifics. 

But it appears a similar breach impacted at least one other organization , the city of Houston, last month, according to a report. It's unclear if the two incidents are linked.

Quote: “US Airways has not received any reports that yours or anyone else's information was seen by any unauthorized employee and has no indication that your information was otherwise available to any other non-employee,” according to the letter.

Source: Vermont attorney general's office, www.atg.state.vt.us, notification letter (PDF), July 18, 2013.

Share this article:
close

Next Article in The Data Breach Blog

Sign up to our newsletters

POLL

More in The Data Breach Blog

Thousands had data on computers stolen from California medical office

Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.

Subcontractor breach impacts 1,700 in Dominion Resources employee wellness plan

About 1,700 people in the Dominion Resources employee wellness program have been notified that their data was accessed in a breach.

Document posted to California city website, employee data accessed

In California, a document posted to the City of Encinitas website contained data on hundreds of current and former city staffers.