An Indiana welfare security breach revealed 16 clients' Social Security numbers to other clients and the sharing of other personal information for 48 other clients, officials said Wednesday.
A review of all documents possibly involved in the security breach by RCR Technologies Inc., the contractor whose computer programming error led to the security breach, showed the scope of the breach, the Indiana Family and Social Services Administration said in a news release.
When FSSA revealed the breach a month ago, it said it possibly affected more than 187,000 people, including the Social Security numbers of as many as 3,926 clients who receive food stamps, Medicaid and other welfare benefits. In addition to the Social Security numbers, the, information disclosed possibly included monthly benefit amounts; financial information, such as monthly income and expenses, bank balances and other assets; and medical conditions, FSSA said at the time.
The error occurred April 6 and affected correspondence sent to clients from that date until May 21, FSSA said. The error was discovered May 10 and corrected May 21, the agency said.
FSSA said Wednesday it will inform the clients whose information was breached that they will receive free credit monitoring paid for by RCR. FSSA also has directed RCR to put a plan in place to prevent future security breaches.
FSSA Secretary Debra Minott issued a statement expressing relief that not more personal information was released.
"We have received assurances from RCR that the appropriate steps have been taken to correct the original programming error and prevent anything like this from happening again. We will continue to scrutinize their performance very closely," Minott said.
Indiana State Democratic Chairman John Zody said the Republican administration of Mike Pence is "getting a reputation for making mistakes that cost Hoosier taxpayers time and money and erode our confidence in state government."
"We're glad this story turned out far better for Hoosiers than it could have," Zody said.