TRENDING:

NY Transit Employee Info Found on CD

Customer Purchased Refurbished Drive That Contained Info Jeffrey Roman (gen_sec) • March 14, 2014    
NY Transit Employee Info Found on CD

The New York City Transit Authority is notifying 15,000 active and former employees that their personal information was exposed when a customer of a major computer retailer purchased a refurbished CD drive that contained a disc that held the information.

See Also: The Essential Guide To Machine Data

When the customer purchased the drive, she discovered a CD within it that included the personal information on active, retired, deceased and former NYCT employees, such as names, Social Security numbers, dates of birth, phone numbers and earnings information, according to a statement the agency sent to Information Security Media Group. NYCT learned of the incident on Jan. 31.

The individual who purchased the CD drive works for a major NYCT vendor and promptly notified their employer of the issue. The vendor then stored the drive in a safe location and returned it to the NYCT, the statement says. The NYCT is now in possession of the original CD. So far, there has been no evidence to show misuse of the information stored on the CD, the authority says.

An investigation is under way to determine how the CD ended up in the drive that was refurbished and sold. The New York City Police Department has been notified about the incident.

Based on initial findings, the incident happened over the course of merging computer systems, the NYCT says.

Impacted individuals will be notified about the incident through the mail and are being offered one year of complimentary credit and identification monitoring services.

Previous
Break the Fraud Lifecycle
Next
NoMoreRack Investigates Possible Attack

About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.



Around the Network

PCI Council's Efforts to Fight Fraud During COVID-19 Crisis
PCI Council's Efforts to Fight Fraud During COVID-19 Crisis
Guarding Against COVID-19 Fraud Schemes
Guarding Against COVID-19 Fraud Schemes
Analysis: Keeping IoT Devices Secure
Analysis: Keeping IoT Devices Secure
'Ripple20' Flaws in Medical Devices: The Risks
'Ripple20' Flaws in Medical Devices: The Risks
Using AI & ML to Mitigate Threats
Using AI & ML to Mitigate Threats
Sizing Up Security Challenges for Telecom Companies
Sizing Up Security Challenges for Telecom Companies
Digital IDs: A Progress Report
Digital IDs: A Progress Report
Using AI for Improved Threat Detection
Using AI for Improved Threat Detection
Analysis: Mitigating Risks in Multicloud Environments
Analysis: Mitigating Risks in Multicloud Environments
Ransom Demands: What Happens If Victims Pay or Don't Pay?
Ransom Demands: What Happens If Victims Pay or Don't Pay?

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.