Breach Exposes Data Of 3.5 Million Teachers And Employees In Texas

  /     /     /  
Publicated : 22/11/2024   Category : security


Breach Exposes Data Of 3.5 Million Teachers And Employees In Texas


Unencrypted data was placed on an Internet-facing server, state comptroller says



The Texas Comptroller’s office Wednesday will begin sending notification letters to some 3.5 million employees and teachers whose personal information was inadvertently disclosed on an agency server that was accessible to the public.
The unencrypted data was placed in public-facing servers in violation of state policy, according to officials.
I deeply regret the exposure of the personal information that occurred and am angry that it happened, Texas Comptroller Susan Combs said in a press release. I want to reassure people that the information was sealed off from any public access immediately after the mistake was discovered and was then moved to a secure location.”
The records contained names, mailing addresses, Social Security numbers, and some dates of birth or driver’s license numbers, the state says. All the numbers were embedded in a chain of numbers and not in separate fields.
The information was in data transferred by the Teacher Retirement System of Texas (TRS), the Texas Workforce Commission (TWC), and the Employees Retirement System of Texas (ERS), according to the release.
The TRS data transferred to the server in January 2010 had records of 1.2 million education employees and retirees. The TWC data transferred in April 2010 had records of about 2 million individuals. And the ERS data transferred in May 2010 had records of approximately 281,000 state employees and retirees.
The data files transferred by those agencies were not encrypted as required by Texas administrative security policy, the release says. In addition, personnel in the Comptroller’s office incorrectly allowed exposure of that data.
Several internal procedures were not followed, leading to the informations placement on a server accessible to the public, the release says. The data was then left on the server for a long period of time, without being purged as required by internal procedures, the state says.
The mistake was discovered the afternoon of March 31, at which time the agency began to seal off public access to the files. The agency has also contacted the Attorney General’s office to conduct an investigation on the data exposure.
The information was transferred tho the Comptrollers office by law as part of the unclaimed property verification system, the release states.
Have a comment on this story? Please click Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Breach Exposes Data Of 3.5 Million Teachers And Employees In Texas