Poor Data Protection in Texas Costs More Than $1.8 Million

Bob Styran, IT audit expert
April 27, 2011 /

A report from the Austin American-Statesman has revealed a whooping amount of taxpayers’ money being spent on resolving the trouble caused by a poor data protection in Texas that exposed personal data of about 3.5 million people.

More than $1.8 million has already been spent by the Texas Comptroller’s Office in an attempt to water down the massive compromise caused by a major data breach. Of the gross expenditure, $1.2 million was spent for the letters distributed to every individual affected by the breach, $393,000 for their assistance through a call center, and $290,000 for consulting services from Deloitte and Gartner.

Deloitte is tasked to ensure no other sensitive information has been exposed publicly by the poor data protection. Gartner will provide the Comptroller’s Office with assessment services on IT security and risks.

A website, TXsafeguard.org, assisting those who were affected by the breach has lso been set up. The call center, on the other hand, can be reached at (855) 474-2065.

Texas Comptroller Susan Combs made resolve in a press statement to make every Texan feel confident that the data breach would not happen again.

“We will follow our consultants’ advice and do everything in our power to ensure that information entrusted to state government is secure,” she said.

The poor data protection involved an erroneous transfer of unencrypted information by the Teacher Retirement System of Texas in January 2010, the Texas Workforce Commission in April 2010 and the Employees Retirement System of Texas in May 2010. The bungle resulted in the data being made accessible to the public.

The data included birth dates and Social Security numbers of millions of Texans.

The Texas administrative rules specified the need to encrypt every confidential information when transferring it, but the rules have been violated.

Since the data breach erupted, four employees have been sacked by Comb’s office, which included the head of Innovation and Technology and the head of Information Security office. The Comptroller’s Office ensured all the data were already transferred to a secure location.

Meanwhile, the Federal Bureau of Investigation and Texas Civil Rights Project have launched their own investigations into the data breach.

Jim Harrington of the Civil Rights Project, which filed a complaint before the Travis County District Court, said the investigation could lead to litigation.

The group is asking depositions from Comptroller Combs and representatives of the Teacher Retirement System, the Employees Retirement System and the Texas Workforce Commission, who have 15 days to respond to the plea.

 

Share your opinion