This week, Google started notifying affected employees of a data breach that occurred when a third-party benefits vendor mistakenly sent an email file with employee information to an unintended source.
A copy of Google’s notification letter to employees was made available through the California Attorney’s General website. The letter does not name the involved vendor, nor does it say which areas of the company’s benefits were impacted.
The vendor sent the data to another third-party benefits provider, which reportedly erased the information upon realizing the mistake.
"We have no evidence that any of your information has been misused as a result of this incident, and computer access logs indicate that no other individuals viewed your information before it was deleted," Google explained to employees.
"In addition, the benefits manager has confirmed that she did not save, download, disclose or otherwise use the information contained in the document," the letter said.
Names and Social Security numbers of an undisclosed number of Google employees were included in the file. Teri Wisness, director of U.S. benefits at Google, said “We have no evidence that any of your information has been misused as a result of this incident, and computer access logs indicate that no other individuals viewed your information before it was deleted.”
Google will provide 24 months of free identity protection and credit-monitoring services to affected employees. The letter also recommends employees access the free credit reports available under U.S. law.
Though the breach at Google seems the result of human error on the part of a broker vendor, more cyber security experts suggest company benefit plans will be targets for cyber criminals.
ADP recently announced a “small number” of clients were affected when cyber criminals accessed the firm’s payroll services unit.
An ADP spokesperson was quick to say the event was not a “cyber breach,” but that personal tax and payroll information was exposed because client firms did not adequately protect access codes to ADP’s online portal.
The Identity Theft Resource Center says that so far in 2016, nearly 350 data breaches have taken place, resulting in the theft of more than 11.3 million personal records.
Cyber criminals used data in the ADP theft to file counterfeit tax returns to the IRS, according to a report from the Society for Human Resources Management.
Complete your profile to continue reading and get FREE access to BenefitsPRO, part of your ALM digital membership.
Your access to unlimited BenefitsPRO content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking benefits news and analysis, on-site and via our newsletters and custom alerts
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the property casualty insurance and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Nick Thornton
Nick Thornton is a financial writer covering retirement and health care issues for BenefitsPRO and ALM Media. He greatly enjoys learning from the vast minds in the legal, academic, advisory and money management communities when covering the retirement space. He's also written on international marketing trends, financial institution risk management, defense and energy issues, the restaurant industry in New York City, surfing, cigars, rum, travel, and fishing. When not writing, he's pushing into some land or water.
