According to Jacksonville's Fox 30 News, a City of Jacksonville, Fla., employee recently found that a confidential document containing the names and Social Security numbers of every city employee hired since 2005 had been posted on an internal network (h/t DataBreaches.net).
In a letter [PDF file] addressed to city council members, Ellen M. Blair, acting director of the City of Jacksonville's Employee Services Department, explained that the document was intended to be accessible only by Employee Services employees, but was mistakenly made available to employees outside the department.
On the advice of city's lawyers have apparently advised that both the employee who found the document and the employee who posted the document be placed on paid administrative leave pending further investigation into the breach.
The Information Technology Department has confirmed that the information was never available on the city's external Web site, that access to the document on the internal portal has now been secured, that the internal portal has temporarily been disabled during the investigation, and that the document has been deleted from all City of Jacksonville e-mail inboxes and from the employee's desktop computer.
"Please be assured that we have immediately launched a review of all procedures, processes, technologies, etc. to ensure that we have sufficient protections in place to protect confidential or sensitive information," Blair wrote in the letter.