Modernizing Authentication — What It Takes to Transform Secure Access
US Airways recently began notifying its employees that programming error at ADP may have made it possible for other US Airways employees to view their names, Social Security numbers, and total taxable W-2 wages for the tax years 2010, 2011, and/or 2012 (h/t DataBreaches.net).
"Your information could have been downloaded with another US Airways employee's W-2, but it would not have been readily apparent to the other employee and would only be detected by the other employee if he or she took additional steps to retrieve the information," US Airways managing director for corporate disbursements Jill Shoop wrote in the notification letter [PDF].
ADP apparently corrected the programming error on May 4, 2013, but didn't inform US Airways of the issue until June 6, 2013.
While US Airways hasn't received any reports that the information was misused, the airline has hired an outside law firm to investigate the breach, and ADP is offering all affected employees a free one-year membership in Experian's ProtectMyID Alert service.