Fla. agency puts Social Security numbers on Web

TALLAHASSEE, Fla. (AP) -- A state agency accidentally put the Social Security numbers of about 250,000 job seekers on the Internet for 19 days in October before another agency noticed the security breach, officials said Thursday.

Data on customers aided by the Agency for Workforce Innovation's One-Stop Career Centers between January 2002 and November 2007 was placed on a test server, where people searching the Internet might have been able to find it.

"We are thoroughly investigating this matter and are making every effort to enhance the security of our computer systems," said agency director Monesia T. Brown.

No one has been disciplined and investigators are trying to determine exactly what happened, said agency spokesman Robby Cunningham.

Another state agency discovered the breach Oct. 28, Brown said. She said the data was immediately removed and major Internet search engines and providers were notified to make sure it didn't wind up elsewhere on the Web. Law enforcement authorities also were called.

Brown said she had no reason to believe personal information has been accessed for unlawful purposes.

"It was never posted on a Web site," Cunningham said. He said someone, though, could have stumbled across it while doing an Internet search.

The agency handles labor-related functions for the state and its Career Centers help people find jobs and employers find workers.

Affected customers are being notified.

"We started sending out the letters at the beginning of this week," Brown said. "We're sending them out by the thousands because we obviously want to make sure that we get that information out as quickly as possible."

People also can determine if their information was included in the breach through an agency Web site: http://www.floridajobs.org/security/.

The agency will respond to those who type in their names and last four digits of their Social Security numbers "to verify whether they were included and captured in that list or not," Brown said.

The state attorney general's office is advising those who have been affected to review credit and debit card statements and monitor all transactions. Any unauthorized activity should be reported to the credit card company or bank.

(Copyright 2008 by The Associated Press. All Rights Reserved.)