AUSTIN (KXAN) - More than three million Texans could be at risk for identity theft after their social Security numbers, birthdates and driver's license numbers were placed on a computer server available to the public.
State Comptroller Susan Combs on Monday acknowledged her office inadvertently made the information available.
"I deeply regret the exposure of the personal information that occurred and am angry that it happened," Combs said in a statement released by her office. "I want to reassure people that the information was sealed off from any public access immediately after the mistake was discovered and was then moved to a secure location."
"We take information security very seriously, and this type of exposure will not happen again," she added, saying letters will be sent this week to each Texan whose names were on the server.
The comptroller's office said the records included the names, Social Security numbers and mailing addresses of individuals. The information also included some of the individuals' birthdates and driver's license numbers.
Still, the office said the numbers were embedded as part of a chain of numbers and not listed in separate fields.
The information found its way to the public server as it was being transferred to the comptroller's office by three other state agencies: the Texas Employees Retirement System of Texas, Teacher Retirement System of Texas and Texas Workforce Commission.
"Naturally we were very concerned we found out about this today and we are among those affected by this security lapse," said Lisa Givens, spokesperson for the Texas Workforce Commission.
Givens said two million Texans who filed for unemployment insurance from December 31, 2006 through December 31, 2009 could be at risk for identity theft.
She said the agencies share information with the comptroller by law to determine addresses for people who may have unclaimed property in Texas.
- Texas Retirement System of Texas data transferred in January 2010 had records of 1.2 million education employees and retirees.
- Texas Workforce Commission data transferred in April 2010 had records of about 2 million people in their system.
- Employees Retirement System of Texas data transferred in May 2010 had records of approximately 281,000 state employees and retirees.
The data files transferred by those agencies were not encrypted, even though current rules require it.
Also, the comptroller's office failed to follow internal procedures, which led to the information being placed on the public server and remaining accessible for some time without being purged.
The mishap was discovered March 31, which prompted the agency to seal off public access. The Attorney General's Office is helping with an internal investigation on how the breach was able to continue and remain undetected for several months. The Attorney General's office was notified on April 6, one week after the comptroller discovered the breach. FBI forensics detectives are assisting in the investigation.
A website is in place to provide more details and recommended steps and resources for protecting identity information.
A toll-free, 24-hour phone line will also be available beginning Tuesday at 855-474-2065.
A teacher from Austin was shot and killed while jogging in Benghazi, Libyan officials confirmed Thursday.
Winter is invading Texas with a vengeance as snow, sleet and ice are unleashed on much of northern and western sections of the state.
Several organizations on Thursday called for an end to the use of stun guns in schools, saying the incident Cedar Creek High School last month shows the dangers of such devices.
The expected winter weather has delayed initial construction work on MoPac until the rain and cold temperatures pass through.
Family and friends held a vigil Wednesday at the State Capitol in hopes that a Bastrop man can win a new trial.
A bitterly cold arctic air mass in place over Texas is breaking temperature records, and will be followed by a dangerous, potentially damaging ice storm.