It seems that everywhere I go, I stumble over breaches that I didn’t know about. Today, something on Findlaw showed up in searches. It said:
I am unfortunately a victim of identity theft as of 2014. I just found out about it in february of 2015. Luckily for me the thieves did not do too much harm to my credit but I do have a concern. After I reported my identity theft in February 2015 I received a letter in the mail from the Michigan Department of State in March 2015 stating that there was a data breach in 2011 at a Secretary of State and my documents were among those that were taken from their system and my papers were recently retrieved by law enforcement. Now I was not notified about this data breach until 2015.
So I searched this blog and couldn’t find where I had ever noted any such incident. I reached out to the state, who kindly pointed me to this notice from 2011:
SOS Uncovers Thefts at 2 Branches; State Police to Investigate
AUGUST 26, 2011
SOS officials to alert customers as a precaution
Lansing — As a precaution, Michigan Secretary of State officials announced they will be notifying customers about thefts in two Macomb County branches, in which driver’s license applications and state ID applications were stolen.
The thefts occurred at the Southwest Macomb PLUS Office, 28220 Dequindre Road, in Warren and the North Macomb PLUS Office, 51305 Gratiot Ave., in Chesterfield Township.
“We take our responsibility to ensure confidential information is secure seriously and that’s why we immediately began an internal investigation and in-depth audit so we could determine which customers might be affected,” said Tracy Ward, Michigan Department of State spokesperson. “As a precaution, we will be sending letters next week to each individual customer who may be affected. We have formally requested the Michigan State Police conduct a criminal investigation into the theft. We want whoever did this prosecuted to the full extent of the law.”
In addition to providing information on fraud and identity theft to individual customers, Department officials will be providing a special information line for affected customers to call for additional information.
Through the audit, SOS officials have identified 13,966 documents that are missing. The documents, which date from 2009, were secured in locked, non-public areas of the branches.
“We apologize for any inconvenience to our customers and will do everything in our power to assist them now and in the future,” Ward said. “We have also taken steps to enhance both our document processing and security systems.”
Department officials have instituted other changes, including:
- Changes in document retention policies.
- Expanded use of microfilming and document shredding.
- An upcoming review of security procedures by the Michigan State Police.
- Expanded security camera use throughout the branch system.
Some of the documents contained Social Security numbers, which the Secretary of State’s office is required to collect under state and federal law. The documents did not include credit card or financial account information.
A spokesperson for the state added:
Due to new information provided to the department, we again in March 2015 sent a letter to potentially affected customers to encourage them to protect themselves.
DataBreaches.net reached out to the Michigan State Police to inquire whether these were insider thefts and how many individuals’ records they recovered. If I get a response, this post will be updated.