Fingers are pointing to an unidentified former employee of the Colorado Department of Transportation (CDOT) as the perp behind a breach that could lead to a "risk of identity theft," the Denver Post reports.
A spokeswoman at the CDOT said the recent breach of the department's Disadvantaged Business Enterprise (DBE) program, which receives funding through the U.S. Department of Transportation, has been reported to the Colorado Bureau of Investigation (CBI).
A notification letter sent on Wednesday to DBE program members said a probationary employee – who worked for the department from January 2016 to April 2016 – had access to confidential tax returns and was using personal information for improper purposes.
"It appears that family members of [DBE] firm owners were targeted, so we encourage you to be aware of a potential misuse of the information of your dependents," the letter stated.
The CBI and CDOT are each investigating and CDOT announced it is examining internal procedures to better defend systems.
