US Airways employees notified of potential data compromise

Share this article:
Payroll vendor ADP inadvertently made personal information visible to fellow airline staffers.
Payroll vendor ADP inadvertently made personal information visible to fellow airline staffers.

Letters have been mailed to US Airways employees after payroll vendor Automatic Data Processing (ADP) inadvertently made personal information visible to fellow airline staffers.  

How many victims? Unknown, but US Airways employs roughly 40,000 workers.

What type of personal information? Names, Social Security numbers and total taxable W-2 wages for the tax years 2010, 2011 and 2012.

What happened? A programming error in the ADP system made it possible for certain other US Airways employees to download personal information belonging to their colleagues.

What was the response? The airline hired an outside law firm to conduct an investigation and notified appropriate government agencies. ADP is offering a free year of identity protection services. US Airways recommends frequent reviewing of account statements.

Details: ADP informed US Airways in early June of the programming error, explaining it had been corrected in early May. The airline sent a letter home to employees in mid-July and, wanting to protect its employees, the letter did not reveal specifics. 

But it appears a similar breach impacted at least one other organization , the city of Houston, last month, according to a report. It's unclear if the two incidents are linked.

Quote: “US Airways has not received any reports that yours or anyone else's information was seen by any unauthorized employee and has no indication that your information was otherwise available to any other non-employee,” according to the letter.

Source: Vermont attorney general's office, www.atg.state.vt.us, notification letter (PDF), July 18, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in The Data Breach Blog

Sign up to our newsletters

POLL

More in The Data Breach Blog

Backup hard drive stolen from law firm contained personal info

Social security numbers were among the information on a backup hard drive that was stolen from an employee of Imhoff and Associates, PC.

POS malware infections at two OTTO pizzeria locations in Maine

About 900 customers at two OTTO pizzeria locations in Portland, Maine, had payment card data compromised after POS malware was discovered on terminals.

Los Angeles-based health system breached; more than 500 patients affected

Personal information on more than 500 Cedars-Sinai Health System patients was compromised after a laptop was stolen from an employee's home.