CONSUMER NEWS RECALLS COMPLAINT FORM SCAM ALERTS

Small Claims Guide \| Class Actions \| Lemon Law \| FAQ \| Resources \| Newsletters \| Spanish
Automotive Education Electronics Family Finance Health Homeowners Shopping Travel

Wisconsin Agency, Printer Tried To Cover Up Data Breach

Blunder Exposed by Local News Media Alerted by Consumers

By Martin H. Bosworth
ConsumerAffairs.com

February 7, 2007

Data Theft
• Thieves Steal AT&T Laptop with Employee Data
• Report: Data Breach Disclosure Laws Don't Affect Identity Theft
• Patient Information Exposed in Data Breach at Walter Reed
• Supermarket Chain Reports Data Breach
• Report: Feds Still Not Doing Enough To Secure Data
• Data Thieves Hit Georgetown University Students, Faculty
• 800,000 Job Seekers At Risk In Gap Data Breach
• TJX Data Breach Settlement Has Strings Attached
• More ...

The printing error that caused 170,000 Wisconsin taxpayers to receive forms with their Social Security numbers visible to the public had the dubious distinction of being the first big data breach of 2007.

Now comes news that the state's Department of Revenue and the printing agency responsible for the mistake may have tried to cover it up.

The printing company, Ripon Community Printers, asked the Department of Revenue to keep the breach quiet when it was first discovered, according to several local Wisconsin news outlets.

The agency agreed to do so, but was forced to confirm the breach after disgruntled residents contacted local newspapers and television stations to complain about the incident.

E-mail trails between Revenue Department officials and Ripon's staff confirmed that both sides wanted to keep the breach under wraps, although Ripon president Andy Lyke said that he did so only to prevent potential thieves from stealing the forms and using the information themselves.

"The press made the situation a whole lot worse. I'm convinced of that," he told reporters. "It alerted anyone who had any kind of ill-intent that these numbers were out there."

Revenue Department spokeswoman Meredith Helgerson acknowledged that the agency -- and she herself -- had hesitated to get the information out to the public on the day the breach was discovered, but decided to do so within several hours of discovering local news media going with the story.

Legislators At Risk

If that wasn't enough of a black eye, 109 members of the state Assembly were put at risk of identity theft when a laptop containing their personal information was stolen from the car of a state employee.

The unidentified employee had taken the laptop home but his or her car keys were stolen and the thief made off with the computer as well as personal effects, the Wisconsin State Journal reported.

The possibility of identity theft hitting home for Wisconsin's lawmakers has prompted many of them to call for stronger policies regarding both data security and notification of breaches.

State Senator Ted Kanavas (R-Brookfield) proposed legislation to prevent state agencies from disclosing any taxpayer information to third parties unless it was explicitly required for a task to be completed.

Kanavas said that "it's not 1975," and the state government needs to do a better job of collecting and protecting information.

Local Troubles Writ Large

The Wisconsin incidents are prime examples of the problems the federal and local governments face in handling information breaches.

Currently, each of the 50 states have wildly different laws governing policies such as breach disclosure, and there are no standards for any sort of conduct relating to taking information home.

The lack of common standards means that companies in a particular state can get away with hiding a data breach unless the public or media becomes aware of it through other means, as in the Wisconsin case.

On the other hand, much of the legislation proposed by Congress to govern data breach disclosures is noticeably weaker than state law, and would preempt any state's attempt to pass stronger laws, leaving citizens without much in the way of redress, and at the mercy of legislation likely to be largely written by industry lobbyists.

On the other hand, widely varying state laws are slowing down efforts by the Bush administration to implement a national electronic records-sharing system for medical information. The GAO recently released a report criticizing the plan for lacking adequate privacy protection measures.

Report Your Experience
If you've had a bad experience -- or a good one -- with a consumer product or service, we'd like to hear about it. All complaints are reviewed by class action attorneys and are considered for publication on our site. Knowledge is power! Help spread the word. File your consumer report now.

July 4 2008

Print, mail, etc.

FREE CONSUMER NEWSLETTERS

The Daily Consumer
Afternoons M-F
Sign up now!

Consumer News & Alerts
Every Sunday
Sign up now!

Knowledge is free.
Knowledge is power.

Back to the top |

Terms of Use Your use of this site constitutes acceptance of the Terms of Use

Advertisements on this site are placed and controlled by outside advertising networks. ConsumerAffairs.com does not evaluate or endorse the products and services advertised. See the FAQ for more information.

Company Response Welcome If complaints about your company appear on our site, we welcome your response. Please see the Response Form for more information.

For more information, see the FAQ and privacy policy. The information on this Web site is general in nature and is not intended as a substitute for competent legal advice. ConsumerAffairs.com Inc. makes no representation as to the accuracy of the information herein provided and assumes no liability for any damages or loss arising from the use thereof.