California Department of Social Services Makes Disastrous Mistake
Table of Contents
- By Steven
- Jan 18, 2023
Near the end of 2022, we saw a rapid and alarming rise in costly mistakes, mostly emails sent to unauthorized parties. Not only can this ruin employees’ lives and careers, but thousands (if not millions) of people have been affected by this trend. It is a serious issue and, certainly, one that is not getting enough attention from authorities or news outlets. While different than phishing, it is still a massive problem and needs to be addressed.
How Did the Leak Occur?
The leak occurred when a department employee mistakenly sent an email containing California residents’ social security numbers. The unauthorized party that received the email was instructed to delete it and remove it from their trash and stated that they had complied with the request. Unfortunately, we live in a world where it is hard to believe that people are honest about such things. We want nothing more than to believe that the recipient of the email deleted it immediately, ensuring that everyone involved was safe, but it might be naive to put faith in the words of strangers.
What Information Was Viewed or Stolen?
The only pieces of information involved were names and social security numbers. While we are well aware of the detrimental effects this can have on the leak’s victims, we encourage those affected to remember that they are not alone in this and have steps and resources available. With a data breach like this, we aren’t sure how many people were affected nor how many people may have access to the information.
How Did the Department Admit to the Leak?
The department admitted to the leak with notices sent to victims. There was also a letter sent to the California State Attorney General’s Office only a day after the breach occurred, insinuating a quick and painless resolution to the problem. “On January 5, 2023, the California Department of Social Services (CDSS) discovered that a document with your personal information had been inadvertently emailed to an unauthorized email address,” read the letter.
What Became of the Leaked Information?
If the email’s recipient is to be believed (which we hope they are), there is nothing to worry about. However, more than 39 million people live in California. Social security numbers can sell for anything from $2 to $11. Assuming the recipient accessed all 39 million, they would stand to make 78 to 429 million dollars, while halving or quartering that number, the third party would gain millions of dollars for little to no work. Even if they only accessed a county’s worth, Los Angeles alone has 9.8 million residents.
What Should Affected Parties Do in the Aftermath of the Leak?
As with every breach, there are options. For instance, there is a national hotline available at 1-877-438-4338. For California residents specifically, there is an entire page on the Attorney General’s website. The page details the steps it’s necessary to take after a breach, especially one concerning social security numbers.