California Settles Prison Data Breach Lawsuit
Prisoners were given access to files containing employees' Social Security numbers, driver's license numbers and home addresses.
The State of California has settled a lawsuit filed by workers at California's Pelican Bay Station Prison over data breaches in 2006.
"The settlement last week came after five years of litigation stemming from two incidents in 2006 when the prison allowed inmates to help dispose of files, some of which held personnel records of employees, and kept them in an unsecured area inmates could access," writes The Del Norte Triplicate's Anthony Skeens. "Information from at least 64 employees -- ranging from wardens to correctional officers and including social security numbers, driver license numbers and home addresses -- were found in the possession of inmates. The settlement awarded a total of $175,000 to 23 plaintiffs to pay for credit-monitoring services and court costs."
"The plaintiffs argued that the California Department of Corrections and Rehabilitation (CDCR) violated the state’s Information Practices Act, was negligent, and inflicted emotional distress on the victims. ... In response to the lawsuit, the department changed its policies, noted George Mavris, an attorney for the plaintiffs. ... Inmates are no longer allowed to assist staff with records to be archived or destroyed, and a supervisor must be present at all times while employees are destroying documents, a spokesperson for the CDCR said," Infosecurity reports.