The Timken Company, an industrial parts manufacturer based in Canton, Ohio, recently began notifying 4,987 people that their personal information may have been exposed when a database file was mistakenly made accessible online.
From January 9, 2014 until February 19, 2014, the file in question was stored on a server used to exchange non-confidential data with third parties. When the error was discovered on February 19, 2014, the file was removed from the server.
The file contained names, birthdates, Social Security numbers, genders and results from employment hearing screenings -- all those affected are either current Timken employees, former employees, or past applicants for employment.
"Our investigation revealed that there was one unauthorized access of the file, which occurred on January 30, 2014," the company stated in the notification letter [PDF]. "At this time Timken has no evidence that the file has been used for fraudulent purposes, but a team of employees and outside consultants has been working with law enforcement on this matter. Timken's data security team is also working to ensure all Timken processes and practices related to personal information are reviewed and updated as needed."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
All those affected are being offered one free year of credit monitoring services through Experian's ProtectMyID Alert.
Employees and job applicants with questions are advised to contact (877) 736-4495.