INDIANAPOLIS (AP) — The personal information of at least 14 Indiana
welfare clients was shared with others because of a contractor's
computer programming error, Indiana officials said Monday. The security
breach potentially affects more than 187,000 people.
The Indiana Family and Social Services Administration said some of the
personal information possibly shared with others included the Social
Security numbers of as many as 3,926 clients.
"We do not believe this was a widespread disclosure of information,"
FSSA spokesman Jim Gavin said in an email message. "To this day, we have
been made aware of 14 instances where information was received by the
A programming error by FSSA contractor RCR Technology Corp. resulted in
an undetermined number of documents being sent to the wrong clients. In
addition to the Social Security numbers, FSSA said, information
disclosed possibly included monthly benefit amounts; financial
information, such as monthly income and expenses, bank balances and
other assets; and medical conditions.
"We are ultimately responsible for the safekeeping of that information
and regret that in this rare instance some information may have been
accidently shared inappropriately," FSSA Secretary Debra Minott said in
The error occurred April 6 and affected correspondence sent to clients
from that date until May 21, FSSA said. The error was discovered May 10
and corrected May 21, the agency said.
Indiana Democratic Party Chairman John Zody issued a statement saying he
hoped FSSA and the office of Gov. Mike Pence "take the necessary steps
to ensure nothing of this sort happens again."
"We do wonder why it took more than six weeks for FSSA to notify the
public of this security breach, and we hope the agency will conduct
itself in a transparent, open manner as the investigation into this
matter moves forward," Zody said.
In response, Gavin said that once the cases began "trickling in," the
contractor — which has an FSSA contract to manage documents in welfare
cases — first had to confirm a problem existed, then discover the error
and find a solution. FSSA also was required by law to work with the
Indiana Attorney General's office in resolving the situation.
FSSA has sent written notices to people who might have been affected,
informing them that some of their personal information might have been
disclosed and precautions they can take to protect themselves against
identity theft. It also said clients receiving another client's personal
information should return it immediately to local welfare office or to
shred the information.
Indianapolis-based RCR is taking steps to improve its computer
programming and testing processes to prevent similar errors from
occurring in the future, FSSA said. RCR President Robert Reed issued an