Sell
Research and Tools
Parts & Service
- Auto Parts
- Service & Repair
- Quick Searches
- Auto Repair
- Oil Change
Confidential data revealed on Encinitas' Web site
By: ADAM KAYE - Staff Writer | ∞
ENCINITAS -- Credit card or checking account information and addresses for nearly 1,200 people who had enrolled in Encinitas' youth recreation programs was inadvertently posted on the city's Web site, officials said Thursday.
The data was in a public folder on the site for about three months before someone noticed the error, said Jace Schwarm, a risk manager for the city of Encinitas. She said the information was removed from the Web on June 26, immediately after the problem was reported.
While the data was online, no one from outside the city opened the folder that contained the files, Schwarm said.
The error occurred when a city worker scanned waiver forms for the youth programs and posted the digitized documents on the Web instead of the city's internal database.
In addition to confidential financial information, the waivers contained the names, ages and addresses of children participating in the programs in 2001, 2002 and 2003, she said.
All told, nearly 4,000 waivers were posted -- almost 1,200 of them with financial information -- from March 20 until the error was discovered.
As required by state law, the city mailed notices to everyone whose financial information was compromised, officials said.
The notice encourages recipients to review their accounts for suspicious activity and to contact authorities if they find any.
The notice also includes telephone numbers and Internet addresses of credit reporting agencies that recipients can contact to place "fraud alerts" on their accounts.
Such alerts offer consumers protection against an identity thief opening new accounts, said Beth Givens of the Privacy Rights Clearinghouse. To open a new account, the thief would also need the victim's Social Security number, she said.
Even without the financial data, the posting of names and addresses -- especially those of children -- is cause for concern, Givens said.
"Let's say the mother is a battered spouse and is in hiding, or if the parent is a cop," she said. "For a variety of reasons, there are lots of individuals who need to keep their home addresses private."
Schwarm said the breach has prompted reminders throughout City Hall about the handling of documents.
"We absolutely have taken steps," she said. "We have notified all the departments when scanning any kind of documents to beware of confidential data."
A city phone line dedicated to fielding inquiries about the breach has received about 25 calls, Schwarm said. That number is (760) 633-2788.
-- Contact staff writer Adam Kaye at (760) 901-4074 or akaye@nctimes.com.
More Stories
pc wrote on Jul 13, 2007 6:28 AM:how do they know that no one opened the files?
Arealnetadmin wrote on Jul 13, 2007 10:03 AM:The IT Director should be fired.
James wrote on Jul 13, 2007 12:26 PM:As an auditor, it seems that internal controls to prevent this type of issue are lacking in Encinitas. There should be external auditors reviewing the security of all systems as required by the Federal Office of Management and Budget.
Could it be??? wrote on Jul 13, 2007 12:27 PM:Could it be that the individual who scanned the documents was "bilingual"? Not truly bilingual-- which is to say, EQUAL proficiency in two languages, but barely conversational English along with Spanish? (Just nod your head even though you don't really understand.) Regardless, the IT Director needs to be held accountable for having people in employ who cannot do the job for which they‘ve been hired correctly. If this occurred to me I would tie that company up in so much litigation it would make their heads spin.
I am Arthur, King of the Britons wrote on Jul 13, 2007 1:40 PM:Run away!!! Run away!!! The lawyers are coming!!! The lawyers are coming!!! Run away!!! Run away!!!
Unbelievable blunder wrote on Jul 13, 2007 2:05 PM:THREE months before someone discovered it? And I do NOT believe no one 'outside' read it. Wow, what a gold mine of identity theft and pedophile info - FREE! I darn well better hear that the employee's have been fired and sent back to elementary school. At least give the 'person' who discovered it a reward! "Someone" noticed the error - WHO WHO? Would have said it was an employee, but it didn't! Maybe an honest citizen at large? What a blunder!
Ann wrote on Jul 13, 2007 2:39 PM:Will this city ever grow up and be a city run by professionals, instead of by people who could never make it in the real world. And they are all protected because they are government employees. Go figure.
First name only. Comments including last names, contact addresses, e-mail addresses or phone numbers will be deleted. Attempts to misrepresent your identity or impersonate any person will not be approved. All comments are screened before they appear online, so please keep them brief. Comments reflect the views of those commenting and not necessarily those of the North County Times or its staff writers. Click here to view additional comment policies.
Today's Stories
Advertisement