Establishing Digital Trust: Don't Sacrifice Security for Convenience
Virginia's WWBT reports that a file containing the Social Security numbers of hundreds of employees of the Richmond Fire Department was mistakenly made available to all department employees (h/t DataBreaches.net).
The file is maintained so that personal information can quickly be accessed if a firefighter is injured, but it was left exposed on the department's network for several months, leaving it accessible to more than 400 employees of the department.
"Everyone's Social Security numbers were exposed, including mine, and I left August 1 of last year," union president Keith Andes told WWBT. "So that's the troubling thing, especially in the world we're living in today."
Fire Chief Robert Creecy told WWBT that the file should have been secured from general access. "We've been working in the 24 hours since to figure out what went wrong, has the information gone anywhere, and if so, what [we] are going to have to do to ensure the safety of people's information," he said.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Creecy says new security features were implemented following the incident, and the department is considering paying for identity protection services for those affected.