Hillsides, a child welfare agency based in Pasadena, is warning clients and employees of a possible data breach that may affect 1,000 people.
The data breach was discovered on December 8th when officials found that unencrypted files had been sent by an employee to a personal email address outside of the company’s domains on five occasions between October of 2014 and October of 2015.
The compromised information includes full names, social security numbers, home addresses and phone numbers for 468 Hillsides staff members. It also included the full names, birthdates, genders, medical identification numbers, therapists’ names and rehabilitative therapists’ names of 502 Hillsides clients.
The employee that sent the information to the personal email has since been fired.
“To date, the agency has been unable to recover the data files from (the employee’s) personal email account or verify whether the files have been deleted,” the company said in a statement to Pasadena Star News. “While Hillsides has no evidence that any of the personal information has been further disclosed or misused in any manner, they have provided notice of the incidents to individuals whose information was contained in the files so that they can take any precautions they feel are appropriate or necessary.”
Hillsides contacted the affected people via letter, and encouraged them to take advantage of hte free credit monitoring that they are offering.
“We sincerely apologize for the inconvenience and concern these incidents may have caused to our staff and clients, whose privacy is very important to us,“ Hillsides CEO Joseph M. Costa told Pasadena Star News. “We will continue to investigate the incident, to reduce harm to potentially affected individuals, and to protect against future similar occurrences.”
Source: Pasadena Star News
For information on how you can prevent your organization from being breached, visit www.miltonsecurity.com or call 714-515-4011.