NY Transit Employee Info Found on CD

Customer Purchased Refurbished Drive That Contained Info
NY Transit Employee Info Found on CD

The New York City Transit Authority is notifying 15,000 active and former employees that their personal information was exposed when a customer of a major computer retailer purchased a refurbished CD drive that contained a disc that held the information.

See Also: Hunt Cloud Threats or Be Hunted | CISO Guide to Cloud Compromise Assessments

When the customer purchased the drive, she discovered a CD within it that included the personal information on active, retired, deceased and former NYCT employees, such as names, Social Security numbers, dates of birth, phone numbers and earnings information, according to a statement the agency sent to Information Security Media Group. NYCT learned of the incident on Jan. 31.

The individual who purchased the CD drive works for a major NYCT vendor and promptly notified their employer of the issue. The vendor then stored the drive in a safe location and returned it to the NYCT, the statement says. The NYCT is now in possession of the original CD. So far, there has been no evidence to show misuse of the information stored on the CD, the authority says.

An investigation is under way to determine how the CD ended up in the drive that was refurbished and sold. The New York City Police Department has been notified about the incident.

Based on initial findings, the incident happened over the course of merging computer systems, the NYCT says.

Impacted individuals will be notified about the incident through the mail and are being offered one year of complimentary credit and identification monitoring services.

About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.