Lawmakers were told on Oct. 18 that auditors reviewing the state’s Human Resources Division discovered that the personal information of current and former state employees was not protected from identity thieves.
Auditor Doug Peterson told the audit subcommittee the confidential personal information including Social Security numbers of 145,000 current and former state employees and their family members was stored in a computer database, unencrypted.
He said they took the unusual step of holding back on releasing the audit report until those files were encrypted and protected from possible thieves.
In addition, auditors said a significant number of the division’s computers were not up to date in the Windows operating systems or on their virus protection programming.
Finally, they reported that the division had not shut down the sign ons and passwords of 42 former employees. Thirty one of those worker employees had been gone more than a year and one had been gone almost 10 years but could have still accessed the division’s confidential records.
Auditors found similar issues in the computer systems of the Department of Wildlife where they said the laptops used by NDOW’s 43 game wardens contained unencrypted personal information including credit card numbers, drivers license numbers and other data.
There too, they found that virus protection software was out of date or non-existent.
“Without current virus protection software installed, servers could become infected with malicious software,” the audit report states.
The audit subcommittee was told, however, nearly all the problems in both of those agencies have now been remedied.
Use the comment form below to begin a discussion about this content.
Sign in to comment