USA, Florida. The personal information of 100,000 social workers was in public access without password protection.
The Department of Children and Families has already informed the victims that their personal information (names, addresses, phone numbers, social security numbers) was in public access and could be used by fraudsters for illegal objectives. The officials have also made it clear that everyone who wants to monitor their credit history can use the service for free within the year.
The government institution holds the company that provided IT technology responsible for this incident. The contractor was unable to provide the appropriate level of information data security. In fact, they didn't even bother setting up basic password protection.
It is not yet known how long the personal information has been in public access on the Internet and whether the database was downloaded and used by third persons.
Nikolay Fedotov, head InfoWatch Analyst commented: «The total amount of compromised personal information in one year in such "open" countries as the USA and Great Britain is approaching the total number of the population. Experts have already started to think about whether it is worthwhile providing everyone who was a potential or genuine victim of the leaks with the financial monitoring service. Wouldn't it be easier to make this service compulsory for all citizens? There has been only one disadvantage about this so far: The payment of the financial monitoring service and other measures to mitigate the consequences of leaks is made at the expense of the culpable operator. This is a kind of a penalty which is usually quite significant. It facilitates the protection of personal information. If there are no financial penalties for leaks, no one will care about protection».