California's Monterey County Acknowledges Massive Data Breach

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

The Monterey County Department of Social Services (MCDSS) recently began notifying an undisclosed number of county residents that their personal data may have been exposed when a Monterey County computer was compromised by unauthorized users from overseas on March 17, 2013.

"An investigation into the incident was conducted to determine if any sensitive information on the computer was exposed," MCDSS director Elliott Robinson wrote in the notification letter [PDF]. "That investigation concluded that the unauthorized users were able to break through the password protection on the computer between 3/17/2013 and 3/18/2013. While we have been unable to determine that the data on the computer was retrieved or transferred by the unauthorized users, there is a possibility that the ... information was accessed."

According to the Monterey Herald, the computer held the names, Social Security numbers, and in some cases, addresses and birthdates of 144,493 people who received CalFresh, MediCal, CalWorks and Foster Care payments from the county between 2002 and 2009.

Robinson told the Monterey Herald that the computer hadn't been in use since 2009, and had been shut down but was still connected to the state network. An investigation determined that a power surge had rebooted it at some point.

No identity protection services are being offered to those affected, though all recipients of the notification letter are advised to place a fraud alert on their credit reports.