California loses data for over 800,000 people

Losing your information can never be a good thing, but when it is the fault of an agency designed to keep your information safe, it is worse still. This nightmare has become a reality within the state of California. During a disaster preparedness exercise, the California Department of Child Support Services lost four storage devices. They're not sure where they lost them, either.

Physorg reported on the disastrous incident, which happened earlier this month, on March 12th. The department only acknowledged the issue on Thursday, March 29th. Somewhere between Boulder, Colorado, and Sacramento, these storage devices went missing, and there is every chance they could have fallen into the hands of individuals with malicious intent. These devices were in the possession of Iron Mountain and IBM when they went missing. Stored upon the devices is the following cheat-sheet to identity theft:

  • Addresses
  • Driver's license numbers
  • Names of health insurance providers
  • Employers for custodial parents
  • Employers for non-custodial parents
  • Children

You may be wondering why these devices were being moved. According to spokeswoman Christine Lalley of the Office of Technology Services, they were being sent to IBM as a disaster simulation. In the event of a disaster this was to discover whether IBM could run the Californian state's child support system remotely. Testing proved successful, and the cartridges were to be sent back. Iron Mountain provide secure transport for materials such as these for the state, barring one issue: they don't do flights. Incredibly, the data was sent through FedEx instead.

The current theory from which Lalley and the Office of Technology Services are working is that the container that these devices were stored in was not secure. Therefore, they must have fallen out... somewhere.

Those affected by the breach are advised to put a fraud alert on their credit cards, get copies of their credit reports, and take all other steps to protect their identities. On the plus side they have said that the incident will not have any impact on the processing of child support cases.

Report a problem with article
Previous Story

Retro Review: Nokia 6310i (circa 2002)

Next Story

Windows 8 China SKU in the works?

24 Comments

Commenting is disabled on this article.

Fools! You never send real information for a practice run! What if this had accidentally been sent over an insecure network? Oops, look like it did.

This is excellent news! Looks like I not only saved a ton on my car insurance, but I'm also going to save an additional $48,000 on child support too! Thank you California!

sensationalist article. This would only affect people who deal with child support services...says so in the first sentence. I'm not worried.

remixedcat said,
Backups??? don't they got a cloud server for that kinda stuff?? o.O

some kinds of data you can't by law put on a "cloud service" I know the data we store here we are not allowed to we still have to send tapes back and forth in locked boxes to a secure facility... we use to have iron mountain but dropped them after their last security screw up

neufuse said,

some kinds of data you can't by law put on a "cloud service" I know the data we store here we are not allowed to we still have to send tapes back and forth in locked boxes to a secure facility... we use to have iron mountain but dropped them after their last security screw up

secure vmware private clouds in a datacenter like inetu, equinix, etc... those kinda clouds... not places like amazon, rackspace, azure, etc...

remixedcat said,

secure vmware private clouds in a datacenter like inetu, equinix, etc... those kinda clouds... not places like amazon, rackspace, azure, etc...


Think about the context for a moment. They were transferring the data from one location to another. How is having a private cloud data center going to change this situation? Move the entire rack from one location to another? The other option is going online with it to do that, at which point you might as well be using Amazon, etc. The idea was to get the data physically out of a disaster zone.

ILikeTobacco said,

Think about the context for a moment. They were transferring the data from one location to another. How is having a private cloud data center going to change this situation? Move the entire rack from one location to another? The other option is going online with it to do that, at which point you might as well be using Amazon, etc. The idea was to get the data physically out of a disaster zone.

I was refering to the post above mine....

This is a smokescreen for selling the data I reckon. Someone somewhere just got very rich... Just a theory.

WP7 said,
This is a smokescreen for selling the data I reckon. Someone somewhere just got very rich... Just a theory.
Well, California is broke... sell the data and blame Iron Mountain to get a payout, win/win for the state.

By the way, I'm kidding.

zeke009 said,
Well, California is broke... sell the data and blame Iron Mountain to get a payout, win/win for the state.

By the way, I'm kidding.

not much of a payout when all those people sue california for this, you know they would go after the state not the place that actually lost the data

JamesWeb said,
Why was real world data being used in a disaster preparedness exercise anyway?

Exactly. This was probably some 4th or 5th backup lost somewhere. Don't know if sensationalizing!

JamesWeb said,
Why was real world data being used in a disaster preparedness exercise anyway?

Exactly. They couldn't do this test with generic data? I never test my own software on real data and don't open myself up to half of the nonsense they did.

este said,

He meant literally I think

ahh...looks funny...would expect to see "they FELL off a truck", and that's how he acquired them

butilikethecookie said,
They got lost in the mail. Wow. They were UNENCRYPTED and in readable text!?! *facepalm*

Well, this is the government... LOL

WarriorEd22 said,
So... what should I do?

Pull your credit cards, put a stop on your bank account. Watch your money like a hawk.

Quote:
Those affected by the breach are advised to put a fraud alert on their credit cards, get copies of their credit reports, and take all other steps to protect their identities. On the plus side they have said that the incident will not have any impact on the processing of child support cases.