I thought I knew how to protect my personal information. I guard my credit cards, driver's license, etc, and make sure I shred anything with personal information before I toss it in the trash. I never give our personal information on-line unless it is a trusted, secure website. It never occurred to me that the State of Texas would post my personal information on a public website, but that is what has happened to me and 3.2 million others, as a result of the incompetence of our Republican State Comptroller, Susan Combs.
Ever since my debit card was stolen from my desk at school a few years ago by a rogue janitor who sold it to someone who ran up over $600 at Wal-Marts up and down I-10 between Houston and San Antonio, I have been extremely cautious with my credit card and driver's license. We don't give out our personal information unless we are sure it is a trusted website. We shred anything with personal information on it before we toss it in the trash, especially those ubiquitous offers for credit cards. We even try to pay with cash in restaurants so that our credit cards are not out of our possession. We check our credit several times a year and make sure it is accurate. In other words, we do everything possible to protect our personal information. I thought that identity theft was something I didn't need to worry about. I was wrong.
We sincerely regret that this incident occurred. Thank you for your shared vigilance at a time when the potential for cyber crime remains a great threat.
Last week I learned from a story on my local NPR station that because of the incompetence of our Texas Comptroller's office, 3.2 million of us who are members of the Texas Teacher Retirement Service, Employee Retirement Service, or Texas Workforce Commission have had our social security numbers, birth dates, and other sensitive information exposed to the public -for over a year. No one knows who saw our information. We will have to wait and see if anyone tries to use it to steal our identities.
Susan Combs, our Republican State Comptroller, was, until recently, planning to run for Lieutenant Governor in 2014. Her handling of this deplorable breach has so far only succeeded in making a lot of people mad. First, she fired four subordinates, and tried to blame the agencies that sent her the information- the Teacher Retirement System, Employees Retirement System, and the Texas Workforce Commission. All three agencies have responded that they sent it to Comb's office in properly encrypted form, and that it was her office that put it in a public section of the State Comptroller's website in unencrypted form and left it there for a year. Next, Comb's office sent out a letter to the 3.2 million people affected by the breach. As Ross Ramsey puts it in his article in the Texas Tribune, "The letter is a masterpiece of equivocation and prevarication, leaving a false impression without telling an outright lie." In it we are assured that "the data files were immediately taken off-line" , without mentioning that it too a year to do this, and that there is "no indication that your personal information has been misused in any way." Of course, there is no indication that it hasn't been misused either. The letter is not signed by Combs, but by our former chief technology officer for the Comptroller's office, one Victor Gonzalez, who resigned last Friday.
Is the state of Texas going to reimburse us if our identity is stolen using the data they posted? Nope. The state has created a website, FAQ, and an e-mail address where we can get more information. We also get a discount on a year's worth of credit monitoring by Experian or CSIdentity. Somehow, I don't think I am the only one of the 3.2 million victims of this mess to feel a tad annoyed that I now have to pay for a credit monitoring service I didn't need until Comb's office posted my social security number on a public website for a year. And who is to say that if anyone has our information that they won't just wait until the whole thing dies down, say after our year of discounted credit monitoring expires, and then use it to steal our identities?
The comptroller has already cost the taxpayers $1.8 million because of her mistake, or her incompetence, and the question ought to be why she doesn't step up to the plate and pay for this out of her own pocket. - Jim Harrington, Texas Civil Rights Project
The FBI and the Texas Attorney General are already investigating the breach, and now The Texas Civil Rights Project is pursuing an independent investigation which could lead to litigation.
Already there has been a phishing scam based on the breach. The Texas Attorney General's office has warned state employees about fraudulent phone calls from individuals posing as ERS representatives wanting to verify the employee's social security number.
All of this should derail Susan Combs political career, but, given who the current occupant of the Texas Governor's office is, I wouldn't bet on it. Some people have suggested that she needs to shoot a coyote while jogging to distract voters. After all, it is a long time until 2014, and a lot of voters have short memories.
For the 3.2 million of us who are victims, the only recourse is to subscribe to a discounted credit monitoring service at our own expense, and hope that no one was paying attention during the year that Comb's office put our most sensitive information on display for all to see.
Updated by loblolly at Wed Apr 27, 2011 at 03:59 PM CDT
I just signed up for my discounted credit monitoring service, which costs $39 for a year. I also put a fraud alert on my account. So far there are no indications anyone has tried to steal my identity. I'm sure I'll have to continue the credit monitoring for several years, at the regular price of course.
Updated by loblolly at Wed Apr 27, 2011 at 05:53 PM CDT
So far this mess has cost Texas taxpayers $1.8 million-Here's how it has been spent: $1.2 million to mail letters to the 3.5 million people whose information was compromised, $393,000 to a call center offering assistance, and $290,000 to consultants to examine security at the Comptroller's office.