Data breach leads to identity theft for employees | SC Media

Data breach leads to identity theft for employees

February 9, 2009
Health insurance provider, Kaiser Permanente recently experienced a data breach that led to the release of the personal information of tens of thousands of employees.

How many victims? 29,500.

What type of personal information? Names, addresses, dates of birth and Social Security numbers for Kaiser employees in Northern California.

What was the response? The company launched an internal investigation to determine the source of this breach and is working closely with law enforcement. A toll-free phone line was set up to answer employee questions. Affected employees will receive one year of free credit monitoring.

Details: The breach did not involve Kaiser member information and no personal health details have been jeopardized, according to a written statement issued by Gay Westfall, senior vice president of human resources for the Kaiser Foundation Health Plan.

A "handful" of employees have reported identity thefts as a result of the breach, Kaiser said.

The breach came to light after the arrest of San Ramon resident Mia Garza, 28, on Dec. 23 on suspicion of possession of stolen property and forgery. In a confiscated computer, San Ramon police later found a file with Kaiser employee data, said San Ramon police Cpl. Rich Persson.

Garza is not a Kaiser employee, and it was not immediately clear how she might have obtained the Kaiser information.

Kaiser was informed of the security breach in late January, said spokesman Jim Caroompas.

Garza, who was released from jail Jan. 14, faces felony charges involving two counts of receiving stolen property, two counts of identity theft and two counts of forgery.

Quote: "We regret that this unfortunate incident occurred," Westfall said. "We are notifying each employee who may be affected by phone and letter to provide additional information."

Source: www.mercurynews.com, San Jose Mercury News, “Kaiser warns nearly 30,000 employees of data breach,” Feb. 6, 2009.
prestitial ad