Personal Data Of Two Million Texans Left Exposed For Years

Uploaded on 2022-05-23 in NEWS-News Analysis, GOVERNMENT-Local, FREE TO VIEW

The personal information of almost two million Texans has been exposed for almost three years because of faulty programming issue at the Texas Department of Insurance (TDI). The department says that details of 1.8 million workers who have filed compensation claims were publicly available online from March 2019 to January 2022. 

TDI has made this clear in a State Audit Report published recently that the exposed information included Social Security numbers, addresses, birth dates, telephone numbers and other information about workers. A forensics company worked alongside TDI to determine the scope of the incident. 

TDI has also issued letters to individuals who submitted new workers’ compensation claims between March 2019 and January of 2022, offering 12 months of credit monitoring and identity protection services.

The TDI said the investigation did not find any evidence workers’ personal information had been misused. “In January 2022, TDI began an investigation to determine the full nature and scope of the issue, which included working with a forensic company and working to find out whose information was or might have been viewed by people outside of TDI. “To date, we are not aware of any misuse of the information,” it stated. The department added that it is offering 12 months of credit monitoring and identity protection services at no cost to those who may have been affected.

The security incident was addressed in a state audit report that was published in May 2022. This means that from March 2019 to January 2022, personally identifiable information was exposed to anyone who knew how to find it for nearly three years.

The public notice confirmed that TDI became aware of the security issue on January 4, 2022 after discovering a flaw in the TDI web application that manages workers’ compensation information.  TDI is a state agency that oversees the insurance industry in Texans and ensures that companies are abiding by state regulations.

According to the audit, TDI immediately took the application offline when it realised the flaw. 

TDI Texas:        TDI Texas:      BigCountry:       Oodaloop:       Infosecurity Magazine:    YouTube:  

You Might Also Read: 

E-Commerce Site Exposed Children Worldwide:


 

« Conti Attack US Precision Engineering Business
Canada Bans China From Its 5G Networks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

INCIBE-CERT

INCIBE-CERT

INCIBE-CERT is the reference security incident response center for citizens and private law entities in Spain

XCure Solutions

XCure Solutions

XCure Solutions are a Finnish company specializing in data security, data protection and data recovery.

CyberDef

CyberDef

CyberDef is a consulting company specialising in cyber defence services for small and medium enterprises.

Seceon

Seceon

Seceon OTM, is a cyber security advanced threat management platform that visualizes, detects, and eliminates threats in real time.

Elron Ventures

Elron Ventures

Elron partner with early stage ventures to build companies that transform lives and industries. Our main areas of focus are enterprise software, cybersecurity, and healthcare.

CSC Digital Brand Services

CSC Digital Brand Services

Our brand protection and security expertise give our customers peace of mind that no matter how fast the digital world changes, their intellectual property and digital assets will be secure.

Liberty Mutual

Liberty Mutual

Liberty Specialty Markets offers specialty and commercial insurance and reinsurance products, including Cyber, across the USA, Europe, Middle East and other international locations.

NJVC

NJVC

NJVC delivers IT automation, optimization and security to empower mission-enabling IT for customers with secure requirements.

Globant

Globant

Globant is an It and software development company. We leverage the latest technologies and methodologies to help organizations transform in every aspect, including software security.

Input Output (IOHK)

Input Output (IOHK)

IOHK is one of the world's pre-eminent blockchain infrastructure research and engineering companies.

senhasegura

senhasegura

senhasegura is a global Privileged Access Management vendor. Our mission is to eliminate privilege abuse in organizations around the globe and build digital sovereignty.

Yogosha

Yogosha

Yogosha is a crowdsourced cybersecurity platform enabling a win-win collaboration with the most talented hackers to detect and fix vulnerabilities on your most critical systems.

WiebeTech

WiebeTech

WiebeTech’s line of digital forensics tools provide innovative and rugged devices for efficient disk imaging and evidence capture.

Plerion

Plerion

Plerion is an all-in-one Cloud Security Platform that supports workloads across AWS, Azure, and GCP delivering cloud security posture management, workload security, data security and more.

Brunswick Group

Brunswick Group

Brunswick is a critical issues firm. We advise the world’s leading companies on how to navigate the critical issues they face and engage with their critical stakeholders.

Kahootz

Kahootz

Kahootz is a highly secure cloud collaboration platform helping teams to work together across organisations.