US Airways employees notified of potential data compromise

Share this article:
Payroll vendor ADP inadvertently made personal information visible to fellow airline staffers.
Payroll vendor ADP inadvertently made personal information visible to fellow airline staffers.

Letters have been mailed to US Airways employees after payroll vendor Automatic Data Processing (ADP) inadvertently made personal information visible to fellow airline staffers.  

How many victims? Unknown, but US Airways employs roughly 40,000 workers.

What type of personal information? Names, Social Security numbers and total taxable W-2 wages for the tax years 2010, 2011 and 2012.

What happened? A programming error in the ADP system made it possible for certain other US Airways employees to download personal information belonging to their colleagues.

What was the response? The airline hired an outside law firm to conduct an investigation and notified appropriate government agencies. ADP is offering a free year of identity protection services. US Airways recommends frequent reviewing of account statements.

Details: ADP informed US Airways in early June of the programming error, explaining it had been corrected in early May. The airline sent a letter home to employees in mid-July and, wanting to protect its employees, the letter did not reveal specifics. 

But it appears a similar breach impacted at least one other organization , the city of Houston, last month, according to a report. It's unclear if the two incidents are linked.

Quote: “US Airways has not received any reports that yours or anyone else's information was seen by any unauthorized employee and has no indication that your information was otherwise available to any other non-employee,” according to the letter.

Source: Vermont attorney general's office, www.atg.state.vt.us, notification letter (PDF), July 18, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in The Data Breach Blog

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.