On Saturday I was notified by letter that my personal information, including name and social security number, was among those left unsecured on the state comptroller of public account web site.
The letter was dated April 13. Somehow it took 10 days to get from Austin to my mailbox, which doesn’t exactly inspire confidence that everything’s being taken care of in the most expedient manner down there in Austin.
A couple of weeks ago, news media had a field day discussing how state comptroller Susan Combs’ office had inadvertently allowed 3.5 million people’s personal information to be exposed on a public-access web site.
I worked at a state agency about 20 years ago and have a small amount of money in the Employees Retirement System of Texas. Only about 250,000 of the ERS employee data files were exposed and I was one of the lucky ones. (It’s like winning the state lottery except it doesn’t pay you money, it just leaves you vulnerable to identity thieves.)
On a positive note, the letter I received is almost worthy of framing because of its subterfuge and doublespeak.
First off, the politically ambitious Combs didn’t bother signing it. The buck only stops with her when it’s convenient and publicly flattering. She’s an elected official, not a martyr.
Instead, chief technology officer Victor Gonzales signed the letter.
He began by assuring me that the state comptroller’s office strives to “ensure the highest levels of security and prevent identity theft.”
Then he tells me that my personal info was exposed.
But he counters that by saying — in boldfaced type no less — that “we have no indication that your personal information has been misused in any way.”
Gonzalez said the office recently identified the exposed data files and then immediately removed and secured them.
He didn’t bother saying that the personal info had been publicly exposed for a freaking year on the agency web site.
Gonzalez left something else out as well — he didn’t mention he would be resigning before the ink on his signature was dry.
Combs name doesn’t appear anywhere on the letter. She wanted no part of it. But in case you’re curious, here’s what your state comptroller looks like:
I got one too. But mine was because they had my information from being on Unemployment for a period of time. So not only state workers were exposed, but anyone who was on Unemployment. Wonder who else?
No reasonable person should expect the State Comptroller to personally monitor Internet security of all data housed in the office.
That’s their job.