So my little state wanted to find a better deal on vision insurance for its retirees. I support that. I'm a state retiree, and I use the vision insurance. But then, this morning, this shows up on Delaware Online, where our local paper lives its electronic life:
In a data breach that one security expert said could be worth millions of dollars to scam artists, Aon Consulting, the state's benefits consultant, inadvertently posted personal information of about 22,000 state retirees on the Web, potentially exposing them to identity theft for the rest of their lives.
The information appeared on the state's procurement website from Aug. 16 to Aug. 20, and included the retirees' Social Security numbers, dates of birth and gender. Their names were not included.
And this afternoon, I got a letter from Aon Consulting, and yes, I'm one of them.
This will be the third time this kind of thing has happened. The first time, I bought some seeds online, and someone hacked the company's files. The second time, someone got hold of my card number - I've never found out how - and bought eight study Bibles in Kentucky. I've never been to Kentucky. They stole my card to buy Bibles. What can you say?
And now this. My SSN, my DOB, my gender. There aren't that many people in Delaware. It is not going to be hard to find us.
The company said it accidentally included the personal information in a request for proposals it had prepared to solicit bids from insurance companies interested in providing vision coverage to state employees and retirees.
Insurers need age and other information on the pool of people to be covered in order to prepare a bid, Aon Consulting spokesman Joe Micucci said Monday. He said that is normally done by using a random series of digits assigned to individuals to shield their identity, not their Social Security numbers.
However, "the information that should have been randomized was not," Micucci said.
Yeah. We should have been randomized.
And what is the state offering us? A year of credit monitoring through the service of our choice for free. One year. Do they think criminals can't read calendars?
And I thought it was illegal to use Social Security numbers for ID...what do you suppose they needed them for? To log into some big database that lists every single wart, pimple, mole, or torn cornea (yeah, that's me) you've ever seen the doctor for?
I'm not litigious. But if a class action suit pops up, I'll be in it. I am so mad I could, as my grandmother used to say, eat metal and shit nails. This is a big bundle of wrong.