North Carolina state employee Information mistakenly uploaded to internal website
Published 6:35 pm Sunday, August 22, 2021
The North Carolina Department of Information Technology (NCDIT) and the Office of State Human Resources (OSHR) notified current and former state employees of a recent security concern involving their data.
A file containing personally identifiable information including 84,860 employees’ names and Social Security numbers was mistakenly uploaded to an internal portal that was accessible to other state employees, according to a NCDIT press release: “At this time, there is no evidence that anyone accessed the information other than those employees who were involved in identifying and remediating the instance.”
The file was reportedly discovered on July 30, 2021 during a sweep for personally identifiable information on the state’s network. “The file was taken down immediately and steps taken to try to determine whether or not the information had been accessed,” stated the release. The file was not accessible to the general public.
Individuals whose information was contained in the file were notified by email August 12 and a letter will be sent by mail. Those employees will be given access to 24 months of identity theft resolution services at no charge, stated NCDIT.
“The notification also includes steps employees can take to protect themselves if their personal information may have been compromised, such as checking credit reports for free. More tips are available from the NC Department of Justice,” stated the release.
NCDIT and OSHR have also implemented new security procedures to protect employees’ personal data, including more comprehensive sweeps like the one that found the file, and additional cybersecurity training will be assigned, stated the release.