It's one thing to have a hacker stealthily navigate past your firewall, slither by your intrusion detection software, and fiendishly gain access to a database to steal customers' personal information. It's another to have your operations department just send the information out through the mail.
That's exactly what the California Public Employees' Retirement System, better known as CalPERS, did this month when it sent about 400,000 brochures containing members' Social Security numbers clearly visible through the address window. A CalPERS spokesman downplayed the incident, saying the Social Security numbers printed on the brochure did not have hyphens, making it more difficult to identify the string of numbers as a Social Security number.
CalPERS sent a letter to members apologizing for the mistake and is conducting an investigation to find out why the SSNs were printed on the brochures. The organization also is providing privacy security awareness training for employees.