Lori Fullbright reports:
Documents containing names, social security numbers and salaries from employees of dozens of companies, including some in Tulsa, were left sitting on a curb in an Edmond, Oklahoma neighborhood.
That was a couple years ago.
A husband and wife saw the storage containers on the curb and decided to pick them up. When they discovered the boxes were full of confidential information, they weren’t sure what to do, so they put the documents in secured storage.
They recently re-discovered them and called News On 6 parent company, Griffin Communications, when they noticed some of our employees were in the file.
The files apparently belonged to American Fidelity. Fullbright reports:
They are forms people filled out to choose an insurance plan, that contain salaries, social security numbers, birth dates, dependents; private information that could be used by criminals.
The documents, which reportedly date from 2003 and 2004, did not contain medical information, but did contain records from employees of a number of companies.
Employees from The Tulsa Fairgrounds were also in the files, which didn’t make CEO Mark Andrus very happy.
“There’s a reason it’s called confidential information and one of the definitions of that, if you go down the list is, do not leave in a file cabinet on a curb,” Andrus said.
American Fidelity issued the following statement:
We have a responsibility to safeguard our customers’ information. Though it appears these documents have been safely secured since they were obtained a few years ago, they should have never left our possession. There is no evidence at this time that the information has been misused, and we believe the likelihood of misuse is low. We have requested the contact information of the person who had possession of this information for the last few years to support our investigation. The source has refused to be identified. We have an obligation to our customers to thoroughly review this matter, including asking the proper authorities for assistance if necessary. Additionally, we are constantly evaluating ways to strengthen and enhance our information security procedures. We are in the process of notifying those customers involved. We regret this happened and apologize. Trust is at the heart of what we do for our customers, and we will do what is right.
Yoohoo, Congress, can you hear me now? We need a breach notification law that includes paper records.