March 31, 2012 (Sacramento) -- On March 12, the State learned that two contracted service providers, International Business Machines (IBM) and Iron Mountain Inc., could not locate several specialized computer storage devices containing information from the California Department of Child Support Services (DCSS) involving more than 800,000 individuals.
The devices were in transit from IBM’s facility in Colorado to California. Upon arrival, several storage devices were missing.
The California Department of Child Support Services has identified which customers’ personal information – which includes names, addresses, Social Security numbers, driver license numbers, names of health insurance providers, and employers -- were on the devices and thus could be affected. All potentially affected customers are being notified by mail. The DCSS has also posted the information on its website, www.childsup.ca.gov and established a toll free telephone number, (866) 904-7674, for individuals to obtain additional information.
“Because the devices are in a specialized format, we have no reason to believe, at this time, that the data have been accessed or utilized in any way,” said Kathleen Hrepich, DCSS Interim Director. “Additionally, this incident will have no impact on the processing of child support cases.”
DCSS has notified the three major U.S. credit reporting agencies, Experian, Equifax and TransUnion, as well as the California Attorney General’s Office and the Office of Privacy Protection of the information security incident.
The department is recommending customers place a fraud alert on their credit cards, get copies of their credit reports with the three major U.S. credit reporting agencies, review any explanation of benefits statements they receive from health insurers, and take other appropriate steps to monitor and protect their identities. Additional steps to protect privacy are available at www.privacy.ca.gov.
DCSS and the California Office of Technology Services are reviewing and revising procedures and taking appropriate follow-up action in an effort to prevent future incidents.
"We take this matter very seriously and want to ensure that everyone’s personal information is properly protected,” added Hrepich.