State worker data stolen from employee s car, Ohio governor says
6/15/2007COLUMBUS A thief made away with a state government computer "storage device containing the names and Social Security numbers of more than 64,000 state employees, prompting Gov. Ted Strickland to issue an alert this morning.
The theft from a state intern s car occurred Sunday night and was reported Monday morning, but Mr. Strickland s administration said it took several days before the extent of the risk was assessed.
"What we re doing here is cautionary," said Mr. Strickland. "There is no evidence there has been a breach. We believe it would be rather difficult for whoever has the device to access information from it."
The administration and the Ohio Highway Patrol declined to release information on the theft investigation, which apparently occurred in a residential parking lot.
The state is offering to provide identity theft protection to all affected employees of state and legislative offices, boards, and commissions.
The information was taken home by a randomly selected state employee as part of routine protocol designed to store backup information from a computer work site away from the original data "device."
The administration refused to describe the device or the security associated with it. The protocol was to take the device home to a residence, not leave it in a car.
Mr. Strickland, a Democrat, issued an executive order changing the protocol that he said dates back to 2002. In the future, the information will be stored at a separate work site in a fireproof box under lock and key, said Pari Sabety, Mr. Strickland s budget director.
"I m not looking for a scapegoat, certainly not an intern scapegoat," said Mr. Strickland. His office declined to identify the employee while the investigation continues.
The employee had been working at a site associated with the new Ohio Administrative Knowledge System (OAKS), a centralized computer system that handles employee payroll functions. OAKS is a joint project of the Office of Budget and Management and the Department of Administrative Services.
Ms. Sabety stressed that the device stored data from a work site and was not the backup device for the entire massive OAKS system.
State employees used the original data device to review more than 338,634 files before determining there was a real security threat. Mr. Strickland s office was not notified until Wednesday, and the highway patrol began its own investigation on Thursday because the theft involved state property.
A local police investigation began Monday, but investigators refused to say how extensive that initial investigation was and whether local police knew what they were dealing with. The highway patrol also refused to reveal where the theft occurred.
Employees seeking more information may call 1-888-644-6648 for a recording, or call live hot lines at 1-877-742-5622 or 1-800-267-4474. The hot lines will be manned until 7 p.m. today, between 10 a.m. and 4 p.m. over the weekend, and from 8 a.m. to 5 p.m. on weekdays.
"There is no reason to believe this was a theft specifically directed to the security of this device, said Mr. Strickland.
Contact Jim Provance at:
jprovance@theblade.com
or 614-221-0496.
Read more in later editions of The Blade and toledoblade.com.