Originally created 06/13/06

State workers' information exposed



ATLANTA - Social Security numbers and other personal data for 12,000 Georgia workers were accessible for weeks on a government Web site, and the state only learned of the breach when a former employee reported it.

Because of a coding error, the data for thousands of active state workers in an employee recognition program were inadvertently made available to anyone searching the agency's Web site, said a spokeswoman for the Georgia Merit System, the state's personnel agency.

Such data typically require a password to access, spokeswoman Deborah Williams said.

The affected employees will receive a letter from the agency. They are being warned to routinely monitor credit accounts and reports for possible fraud. All were participants in the state's Faithful Service Awards program.

The agency was trying to make its employees' information more secure when the coding error occurred, Ms. Williams said.

The data were placed online April 1. They were not detected until May 24, when a former state employee searching for an old colleague stumbled across the information and alerted officials.

The Georgia Bureau of Investigation is looking into the incident but believes any public viewing of the data was very limited. Ms. Williams said no fraud has been reported by any workers whose data were made public.

Anyone with questions about the incident is asked to call (404) 651-6300.

This is the third time in less than a year that the state has had to alert thousands of Georgians that their personal data might have been compromised.

In October, a former employee of the Georgia Technology Authority was charged with downloading personal information on 465,000 people to his computer.

In February, a hacker infiltrated a server that held a database of more than 570,000 members of retirement systems, gaining access to Social Security numbers and bank account records.