Alaska state employees’ union wants more protection after breach
The Alaska State Employees Association (ASEA) is seemingly unhappy with the two-year benefits plan being offered to over 77,000 state employees whose data were lost by PricewaterhouseCooper. The personal information included their names, social security numbers, and dates of birth. ASEA represents almost 8,000 of the state employees.
In a press release issued today, ASEA indicates that it has a number of concerns regarding the loss of the information and the state’s response:
ASEA does not believe that the state’s offer of two years of free identity theft protection relieves the state of responsibility for the incident. It is ASEA’s position that the state should be responsible for any damage that may result, including damage that occurs outside this arbitrary two-year window.
The state’s decision to make employees protect themselves, by explicitly enrolling in the identity theft protection program, is backwards. Affected individuals should be enrolled automatically. ASEA also believes that the state remains responsible for any harm, regardless of whether an individual has explicitly requested the protection service.
Jim Duncan, ASEA/AFSCME Local 52 Business Manager said, “It could be extremely damaging to those individuals whose data has been lost, and the state’s response appears to be insufficient.”
Duncan has sent a letter to Annette Kreitzer, Commissioner of the Department of Administration, expressing the union’s concerns and asking for additional information about the nature of the loss of this information:
The information was lost when Price/Waterhouse moved office locations. In what form was the information when it was lost? Was it on a Compact Disc (Electronic) or was it on paper (Files)? Did the information include the names and confidential information for beneficiaries of the active and retired employees? Are people still looking for the files? Have the police been asked to investigate this loss? What efforts have been taken to find the missing information?
All good questions. Why weren’t they answered in the notification sent to those affected?