Data breach exposes info on NY utility customers

[Jake Kouns <jkouns () opensecurityfoundation org>]

http://gcn.com/articles/2012/01/25/agg-ny-utilities-data-breach.aspx

Nearly 2 million customers of two New York-based utility companies
have had personal data compromised in a data breach, Threat Post
reports.

The New York State Public Service Commission said Jan. 23 that it was
looking into an incident in which a software consulting firm employee
gained unauthorized access to the databases of New York State Electric
& Gas and Rochester Gas and Electric. The contractor was working for
Iberdrola USA, the parent company of both utilities, which together
serve 1.8 million customers.

The breach exposed customers' Social Security numbers, birth dates and
some account information, the commission said in a press release.

There has been no indication that the exposed data has been misused,
but the utilities have sent their customers a notification about the
breach as a precaution. In the letter, NYSEG and RG&E say they are
conducting their own investigation into the matter. The utilities urge
customers to monitor their credit and bank accounts carefully for any
signs of fraud and say they are offering one year of free credit
monitoring.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Small, inexpensive USB drives pose huge threats to organizations left unprotected. 
Download Chapter 1 of CREDANT Technologies eBook
Data Protection to the Rescue
http://www.credant.com/campaigns/external_media_ebook/chapter1/lp/