Conexis Mistakenly Exposes Personal Data of 13,000 Virginia State Employees
All those affected are being provided with free access to credit monitoring and identity theft protection services.
The Roanoke Times reports that 13,000 Virginia state employees' personal information, including their names and Social Security Security numbers, was inadvertently sent to 11 state human resource and payroll employees (h/t DataBreaches.net).
The Virginia Department of Human Resource Management was notified of the breach by Conexis, Anthem's subcontractor for Flexible Spending Account Services, which mistakenly sent flexible spending account participants' personal information to the 11 employees.
Anne Waring, communications manager for the Virginia Department of Human Resource Management, told the Roanoke Times that while human resources and payroll employees are authorized to receive "agency and location-specific employee data," they were mistakenly provided with the full list.
According to the Roanoke Times, the state is "working to enhance security," and Anthem/Conexis is providing all those affected with free access to credit monitoring and identity theft protection services.