DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Central City Concern notifies employment access clients of data theft by former employee

Posted on June 26, 2014 by Dissent

Another recent addition to HHS’s public breach tool involved an incident at Central City Concern in Oregon. The breach, which involved “unauthorized access/disclosure” resulted in the notification of 17,914, and was listed as beginning March 23, 2010 and ending May 24, 2013.

A notice linked from their homepage saying “Data Event” explains that this was a case of insider theft for tax refund fraud, and that after CCC was notified of the breach by law enforcement, they  prudently notified everyone whose records the employee would have been able to access – even though there is no evidence that more than 15 clients’ information was accessed:

For release: April 28, 2014
Notice of Data Event
Contact: Kathy Pape, Central City Concern, 503-294-1681

Central City Concern is providing this release as part of a larger effort to notify individuals whose personal data may have been stolen by a former employee.

On April 3, 2014, a federal law enforcement official notified CCC that a former CCC employee has been accused of improperly copying information from approximately 15 Central City Concern clients from its Employment Access Center (EAC) program with the intent of processing fraudulent tax returns in their names. Following this notice from law enforcement, CCC immediately began to review its systems that contain client records that the former employee may have accessed and copied during the time of employment from March 23, 2010 to May 24, 2013. We determined through this investigation that the former employee may have accessed names, dates of birth, social security numbers, addresses, and, in some instances, health information of EAC clients.

Central City Concern takes the privacy of its clients very seriously and in an attempt to protect the privacy of all Employment Access Center clients, we are communicating with all clients whose records the former employee may have had access to, though according to law enforcement, the former employee estimated that only 15 records were improperly copied. We have received no indication that other records were misused. However, as a precautionary measure, Central City Concern is offering complimentary one-year membership of Experian’s ProtectMyID Alert to all potentially affected individuals at no cost. Notification letters were mailed today to all potentially affected individuals and we continue to cooperate with law enforcement in their investigation.

Central City Concern has taken steps to help prevent such an incident from occurring in the future. CCC has contracted with an independent, third-party data security specialist to ensure that CCC has implemented all feasible and comprehensive safeguards to protect against future risk.

Client inquiries regarding this incident may be directed to 866-778-1144, Monday through Friday from 6:00 AM to 6:00 PM Pacific Time. Media inquiries may be directed to Central City Concern, 503-294-1681.

Individuals who are concerned about their tax returns may contact the Oregon Dept of Revenue at 503-947-2000 or http://www.oregon.gov/dor/Pages/id-theft.aspx.

This notice is being provided pursuant to the data event notification requirements of the U.S. Department of Health and Human Services and the State of Oregon, as well as to any other state required to receive the information. This notice is also posted on CCC’s website. Additional information, including information about how to prevent identity theft, is available from the Federal Trade Commission (FTC). You can contact the FTC at 600 Pennsylvania Avenue, NW, Washington, DC 20580, http://www.consumer.ftc.gov/features/feature-0014-identity-theft or 1-877-438-4338. If you become a victim of identity theft, you should report it to the police and to the FTC.

Other Helpful Resources
If you were a client of the Employment Access Center (other names of the program: WorkSource, West Portland One Stop, Central City Concern Jobs Program, Central City Concern WorkForce, Shoreline) and are concerned that your information may have been accessed, please call 866-778-1144.

Oregon Department of Revenue Identity Theft
503-947-2000

Theft Hotline
877-438-4338

IRS Identify Protection Specialized Unit
800-908-4490

Category: Uncategorized

Post navigation

← Salina Family Healthcare Center notifies 9,640 patients after email attachment error
‘Possible data security breach’ at College of the Desert →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
  • St. Cloud Provides Update on Ransomware Attack in 2024
  • Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.
  • Websites selling hacking tools to cybercriminals seized
  • ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored
  • Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans
  • The US Is Storing Migrant Children’s DNA in a Criminal Database
  • Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit
  • The CCPA emerges as a new legal battleground for web tracking litigation

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.