[Dataloss] followup: ACS Breach Warning Letter

security curmudgeon jericho at attrition.org
Wed Nov 8 02:09:58 EST 2006 

Letter sent out to an unknown amount of ACS "customers" on Oct 26. Any 
typos are my own.

--

State Directory of New Hires
Operated by ACS

[Customer Name]						[Bar Code]
[Customer Address]					[Number]

Dear [Customer First Name]:

This letter is to inform you of an incident involving the theft of a 
computer that may contain your personal information.  A password-protected 
computer was stolen from a secure facility operated by ACS State and Local 
Solutions, Inc. on behalf of the Colorado State Directory of New Hires 
(SDNH). Employers are required by law to report information to the SDNH 
regarding newly hired employees.

Although you may reside in a state other than Colorado, your information 
was submitted through this channel. This information may include your 
name, address, and social security number. We believe it is important to 
notify you about this incident and to alert you to the possibility of your 
exposure to identity theft.

In responding to the theft, ACS immediately notified law enforcement. 
Colorado law enforcement and ACS are vigorously investigating the theft to 
determine who was involved and to recover the information.

As a precaution, we recommend you carefully review all credit cards and 
other financial account information. If you detect any unauthorized or 
suspicious activity in any of these accounts, you should contact your 
credit card company or other account issuer immediately. We further 
recommend that you obtain a credit report from one of the three credit 
bureaus -- Experian, Equifax or TransUnion. Additional information on how 
best to respond to a possible identity theft is available from the Federal 
Trade Commission at: http://www.consumer.gov/idtheft/ and Colorado 
residents may also see: http://www.ago.state.co.us/idtheft/IDTheft.cfm. 
For your convenience, we are attaching general information about identity 
theft protection.

ACS takes the protection of your personal information very seriously. We 
have established a toll-free number to assit with any questions. This 
number is 1-800-350-0399. We regret this incident occured.

Very truly yours,

[scribble]

ACS Representative

More information about the Dataloss mailing list