DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Central City Concern notifies employment access clients of data theft by former employee

Posted on June 26, 2014 by Dissent

Another recent addition to HHS’s public breach tool involved an incident at Central City Concern in Oregon. The breach, which involved “unauthorized access/disclosure” resulted in the notification of 17,914, and was listed as beginning March 23, 2010 and ending May 24, 2013.

A notice linked from their homepage saying “Data Event” explains that this was a case of insider theft for tax refund fraud, and that after CCC was notified of the breach by law enforcement, they  prudently notified everyone whose records the employee would have been able to access – even though there is no evidence that more than 15 clients’ information was accessed:

For release: April 28, 2014
Notice of Data Event
Contact: Kathy Pape, Central City Concern, 503-294-1681

Central City Concern is providing this release as part of a larger effort to notify individuals whose personal data may have been stolen by a former employee.

On April 3, 2014, a federal law enforcement official notified CCC that a former CCC employee has been accused of improperly copying information from approximately 15 Central City Concern clients from its Employment Access Center (EAC) program with the intent of processing fraudulent tax returns in their names. Following this notice from law enforcement, CCC immediately began to review its systems that contain client records that the former employee may have accessed and copied during the time of employment from March 23, 2010 to May 24, 2013. We determined through this investigation that the former employee may have accessed names, dates of birth, social security numbers, addresses, and, in some instances, health information of EAC clients.

Central City Concern takes the privacy of its clients very seriously and in an attempt to protect the privacy of all Employment Access Center clients, we are communicating with all clients whose records the former employee may have had access to, though according to law enforcement, the former employee estimated that only 15 records were improperly copied. We have received no indication that other records were misused. However, as a precautionary measure, Central City Concern is offering complimentary one-year membership of Experian’s ProtectMyID Alert to all potentially affected individuals at no cost. Notification letters were mailed today to all potentially affected individuals and we continue to cooperate with law enforcement in their investigation.

Central City Concern has taken steps to help prevent such an incident from occurring in the future. CCC has contracted with an independent, third-party data security specialist to ensure that CCC has implemented all feasible and comprehensive safeguards to protect against future risk.

Client inquiries regarding this incident may be directed to 866-778-1144, Monday through Friday from 6:00 AM to 6:00 PM Pacific Time. Media inquiries may be directed to Central City Concern, 503-294-1681.

Individuals who are concerned about their tax returns may contact the Oregon Dept of Revenue at 503-947-2000 or http://www.oregon.gov/dor/Pages/id-theft.aspx.

This notice is being provided pursuant to the data event notification requirements of the U.S. Department of Health and Human Services and the State of Oregon, as well as to any other state required to receive the information. This notice is also posted on CCC’s website. Additional information, including information about how to prevent identity theft, is available from the Federal Trade Commission (FTC). You can contact the FTC at 600 Pennsylvania Avenue, NW, Washington, DC 20580, http://www.consumer.ftc.gov/features/feature-0014-identity-theft or 1-877-438-4338. If you become a victim of identity theft, you should report it to the police and to the FTC.

Other Helpful Resources
If you were a client of the Employment Access Center (other names of the program: WorkSource, West Portland One Stop, Central City Concern Jobs Program, Central City Concern WorkForce, Shoreline) and are concerned that your information may have been accessed, please call 866-778-1144.

Oregon Department of Revenue Identity Theft
503-947-2000

Theft Hotline
877-438-4338

IRS Identify Protection Specialized Unit
800-908-4490

Category: Uncategorized

Post navigation

← Salina Family Healthcare Center notifies 9,640 patients after email attachment error
‘Possible data security breach’ at College of the Desert →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • CoinMarketCap Hacked, Scrambles to Remove Malicious Wallet Verification Popup
  • Montana Attorney General launches investigation into Lee Enterprises data breach
  • AT&T gets preliminary approval for $177 million data breach settlement
  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • Former JBLM soldier pleads guilty to attempting to share military secrets with China
  • No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news (Updated)
  • Tonga’s health system hit by cyberattack (1)
  • Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
  • Proposed class action settlement in In re Netgain Technology litigation
  • Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won’t Pay

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data
  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.