Login

Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Aon Consulting notifies Delaware retirees of data breach

Reprints
Agents & Brokers Retirement Benefits Aon More + Less -

DOVER, Del.—Aon Consulting Inc. inadvertently revealed the Social Security numbers, dates of birth and genders of about 22,000 retirees from the state of Delaware, the consultant said.

The data, which did not include individuals' names, appeared on the state's website between Aug. 16 and Aug 20 in a vision benefits request for proposals that Aon had prepared for the state, before the information was discovered and removed, according to the consultant's Chicago-based parent, Aon Corp.

In a statement, Aon said, as a normal course of business for public entities, the RFP for vision benefits was posted on the procurement section of the state's website so interested bidders could access the questionnaire and worksheets.

Normally, personally identifiable information is randomized “so that individuals cannot be identified in any way,” an Aon spokesman said. The company is investigating the breach, but there have been no reports of any fraudulent activity, he said.

Aon said potentially affected retirees were being notified and would receive free credit monitoring services for a year and access to a toll-free customer care center for additional assistance.

Delaware’s Office of Management and Budget said in a statement that it, as well as the Delaware Department of Technology and Information, the Office of the Attorney General and the State Pension Office, are “overseeing the steps Aon is taking to support persons affected by this incident and prevent future incidents of this nature.”

The statement also said that because the incident response is also governed by federal Health Insurance Portability and Accountability Act regulations, Aon Consulting will notify the U.S. Department of Health and Human Services of the security incident.

Robert Siciliano, a Boston-based security and identity theft consultant for Santa Clara, Calif.-based McAfee Inc., said that because names are not necessarily always correlated with Social Security numbers when applying for credit, identity thieves still could use the Social Security numbers with false names.

A laptop belonging to Aon Consulting that had the names and Social Security numbers of 57,160 individuals collected on behalf of Verizon Inc. during a pre-employment testing and application process was stolen from a New York restaurant in May 2008.

"We cannot determine" whether there has been any fraudulent activity as a result of that breach, the Aon spokeman said in an e-mailed statement.

About

Advertise

Reprints and Licensing

Resources

. Privacy PolicyTerms of Use

COPYRIGHT © 2024 BUSINESS INSURANCE HOLDINGS

Member, Beacon International Group, Ltd.