INDIANAPOLIS – State officials have narrowed their assessment of a security breach from hundreds of thousands of Hoosiers to just 64, the Indiana Family and Social Services Administration reported Wednesday.
The agency last month announced a massive computer programming error in which personal information of a large number of people receiving aid from the state was possibly compromised. Those residents receive aid such as cash assistance, Medicaid and food stamps.
But Wednesday, FSSA said final results of a review show that only 16 clients’ full Social Security numbers were inadvertently shared.
Another 48 clients had various other personal data disclosed.
RCR Technologies, the contractor responsible for the mistake, has agreed to pay for credit monitoring for the individuals affected by the breach and will be contacting them directly to arrange this service.
We are comforted to know definitively now that, as we suspected, very few clients had any of their personal information shared, said Debra Minott, secretary of the FSSA.
Still, if one client’s information is unnecessarily disclosed, that’s one too many. We have received assurances from RCR that the appropriate steps have been taken to correct the original programming error and prevent anything like this from happening again. We will continue to scrutinize their performance very closely, she added.
FSSA will notify all clients of the findings of the report, including sending a letter to clients whose information was breached to let them know they will receive credit monitoring through RCR.
The agency also will notify the vast majority of clients who were determined not to have been affected by the breach to reassure them their information was not disclosed to anyone else.
Lastly, FSSA will send letters to its clients whom RCR identified as having received other clients’ information, giving them specific instructions on how to return the materials to FSSA if they are still in possession of them.