California Employment Development Dept. Compromised

February 13, 2004

http://www.usatoday.com/tech/news/computersecurity/2004-02-13-calif-spam-hack_x. htm



SACRAMENTO (AP) - Hackers broke into a state agency's server containing the sensitive personal information of tens of thousands of people who work as nannies, butlers, and gardeners, and those who employ them.

Evidence of a computer break-in at the Employment Development Department was discovered Jan. 20 during a routine check and immediately shut down the server that holds information on household workers and their employers, spokesman Kevin Callori said Friday.

The server houses information on about 90,000 people.

The hackers gained access to employee's names, Social Security numbers and wage records, and some employers' Social Security numbers, Callori said.

"It's our belief that that the chances of sensitive information having been released was minimal," said Chief Kevin Green, head of the Information Management Division for the California Highway Patrol.

Investigators think the hackers broke in to the server to use it to e-mail spam, not to collect information for identity theft, Green said. It happened sometime before Jan. 20, but Green would not say when.

As a precaution, letters dated Feb. 11 warned household employers and employees of the breach and referred them to the state Office of Privacy Protection for help.

There are no suspects, Green said.

Callori said the EDD has never had such a breach, although it has happened at other agencies.

In May 2002, investigators discovered that hackers had gained access to a state database that contained sensitive personal information on thousands of state workers.


main page ATTRITION feedback