Personal Data Of Two Million Texans Left Exposed For Years

Uploaded on 2022-05-23 in NEWS-Cybersecurity News, GOVERNMENT-Local, FREE TO VIEW

The personal information of almost two million Texans has been exposed for almost three years because of faulty programming issue at the Texas Department of Insurance (TDI). The department says that details of 1.8 million workers who have filed compensation claims were publicly available online from March 2019 to January 2022. 

TDI has made this clear in a State Audit Report published recently that the exposed information included Social Security numbers, addresses, birth dates, telephone numbers and other information about workers. A forensics company worked alongside TDI to determine the scope of the incident. 

TDI has also issued letters to individuals who submitted new workers’ compensation claims between March 2019 and January of 2022, offering 12 months of credit monitoring and identity protection services.

The TDI said the investigation did not find any evidence workers’ personal information had been misused. “In January 2022, TDI began an investigation to determine the full nature and scope of the issue, which included working with a forensic company and working to find out whose information was or might have been viewed by people outside of TDI. “To date, we are not aware of any misuse of the information,” it stated. The department added that it is offering 12 months of credit monitoring and identity protection services at no cost to those who may have been affected.

The security incident was addressed in a state audit report that was published in May 2022. This means that from March 2019 to January 2022, personally identifiable information was exposed to anyone who knew how to find it for nearly three years.

The public notice confirmed that TDI became aware of the security issue on January 4, 2022 after discovering a flaw in the TDI web application that manages workers’ compensation information.  TDI is a state agency that oversees the insurance industry in Texans and ensures that companies are abiding by state regulations.

According to the audit, TDI immediately took the application offline when it realised the flaw. 

TDI Texas:        TDI Texas:      BigCountry:       Oodaloop:       Infosecurity Magazine:    YouTube:  

You Might Also Read: 

E-Commerce Site Exposed Children Worldwide:


 

« Conti Attack US Precision Engineering Business
Canada Bans China From Its 5G Networks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MD5

MD5

MD5 is a leading UK provider of Digital Forensic & eDiscovery services to large multi-national corporate businesses, Law Enforcement & Government Agencies, high profile legal firms.

CTR Secure Services

CTR Secure Services

CTR Secure Services provides a broad range of security consulting services from asset protection to cyber security.

Cyber DriveWare

Cyber DriveWare

DriveWare analyzes new traffic in the I/O layer and blocks malware and cyber attacks which organizations have no means to protect against.

Real Random

Real Random

Real Random is on a mission to enhance existing and new crypto-systems with its revolutionary solution to generating numbers that are Truly Random.

Lynx

Lynx

Lynx provides high added value services in the area of information systems security and ICT infrastructure building.

Cyfirma

Cyfirma

CYFIRMA offers Cyber threat visibility and intelligence suite and services aimed at keeping your organization’s cybersecurity posture up-to-date.

Utility Cyber Security Forum

Utility Cyber Security Forum

The Utility Cyber Security Forum offers a focused venue in which utility executives can network one-on-one with colleagues facing issues in protecting against cyber attacks.

UK Research & Innovation (UKRI)

UK Research & Innovation (UKRI)

UKRI works in partnership with universities, research organisations, businesses, charities, and government to create the best possible environment for research and innovation to flourish.

972VC

972VC

972VC was created to help entrepreneurs find potential funding for their startups. Your guide to the Israeli startup funding ecosystem.

CyberSat Summit

CyberSat Summit

CyberSat is dedicated to fostering the necessary discussions to flesh out and develop solutions to cyber threats in the satellite industry.

Enclave Networks

Enclave Networks

Our mission is to give IT professionals a simple way to rapidly build secure connectivity between any application, computer system, device or infrastructure - regardless of the underlying network.

SecZetta

SecZetta

SecZetta provides third-party identity risk solutions that are easy to use, and purpose built to help organizations execute risk-based identity access and lifecycle strategies.

MyCena

MyCena

MyCena has developed a complete system of security, control and management for decentralised credentials.

Acmetek Global Solutions

Acmetek Global Solutions

Acmetek is a Global Distributor and a Trusted Advisor of PKI /IOT & SSL Security Products and a Managed Services Company.

Stryve

Stryve

Stryve is a leading carbon-neutral provider of specialist cloud and cybersecurity services in Europe.

CloudWave

CloudWave

CloudWave, the expert in healthcare data security, provides cloud, cybersecurity, and managed services to healthcare organizations.