Security News > 2020 > June > San Francisco Employees' Retirement System Discloses Data Breach

San Francisco Employees' Retirement System Discloses Data Breach
2020-06-04 13:26

The San Francisco Employees' Retirement System this week disclosed a data breach that impacted over 70,000 of its members.

According to the vendor, while it has no evidence that any data pertaining to SFERS members was removed from the server, it cannot confirm that the perpetrators did not access or copy the data.

Although no social security numbers and bank account numbers were stored on the server, a large amount of other data was exposed, with both active and retired SFERS members impacted, the retirement system announced.

"Within hours of discovering the potential data breach, 10up locked the server. SFERS has implemented a password reset requirement for all members logging in to the SFERS website," the retirement system also notes.

"10up takes security extremely seriously, so we felt obligated to report unauthorized access to a server that made it technologically *possible* for some older SFERS data to be accessed by that unauthorized party. We know with high certainty that SFERS were not the target of the party accessing the server, and downloading existing data from the server does not seem to have been the purpose or part of the access."


News URL

http://feedproxy.google.com/~r/Securityweek/~3/hlXxtKsYub0/san-francisco-employees-retirement-system-discloses-data-breach