College of the Desert in Palm Desert, California recently notified employees that an employee sent an e-mail with an attached spreadsheet with employee information to 78 college employees. The spreadsheet contained employees’ name, Social Security number, date of birth, gender, zip code, job title, employee identification number, health insurance benefit plan selection, health insurance subscriber identification number, amount or cost of health insurance premium, and active or retired employee status.
Less than one hour after the e-mail was sent on June 5, the college attempted a message recall, but it was only partially successful, and approximately 50 people – all employees of of the college – may have opened or viewed the attachment.
In a June 8 notification letter, the college reviewed what it did following discovery of the breach to contain it, but does not seem to have offered affected employees any free credit monitoring services.