Subscribe to the Daily Globe

Your Local Connection

print article Print     e-mail article E-mail
Published May 06, 2011, 07:42 PM

Security breached

Rock County FSA employee terminated for unauthorized access
LUVERNE — A Rock County Family Service Agency employee was terminated after accessing private information of individuals located primarily in Nobles and Rock County, according to Rock County Administrator Kyle Oldre.

LUVERNE — A Rock County Family Service Agency employee was terminated after accessing private information of individuals located primarily in Nobles and Rock County, according to Rock County Administrator Kyle Oldre.

Those whose information was breached were mailed notices from the Minnesota Department of Human Services (DHS) regarding an unauthorized access of certain private information — a measure that is mandated by state statute, Oldre said. The investigation into the security issue determined there was “almost certainly no distribution, sale or further disclosure,” the letter states. “This individual is no longer employed by Rock County or affiliated with DHS, and a complete audit of the employee’s electronic activity was performed.”

The employee accessed Minnesota Department of Vehicle Service (DVS) information, including full names, birthdates, addresses and driver’s license numbers, photos and statuses.

“This person had access through her position with the county, and she searched lots and lots and lots of people,” Oldre stated. “She claimed she was being nosy.”

The unauthorized access took place over a period of four months, Oldre explained, until his office was alerted that there were numerous searches.

“We immediately stopped her access to it and then terminated,” he added.

The county began an investigation, which has not revealed any evidence of further disclosure.

The DVS tracks whose information is accessed, so they know with 100 percent accuracy whose information was searched and the date and time the data was accessed, Oldre said. An investigation to ensure the information was not misused is ongoing. Because of that, the employee’s name is not being released at this time.

Although the risk is termed “minimal,” the DHS is recommending that those whose information was breached take additional precautionary measures to protect themselves, such as monitoring credit reports and accounts for any unusual activity. Any such activity should be reported to law enforcement officials.

Tags:

More from around the web