Ohio Data Theft Deepens: Stolen Device Has Information on 1.1 Million People and Businesses
By Dennis J. Willard, The Akron Beacon Journal, Ohio
Jul. 12–COLUMBUS — Surrounded by top Cabinet officials wearing forlorn faces, Gov. Ted Strickland announced Wednesday that the theft of state data last month was deeper than previously thought and personal tax, Social Security and other information potentially affecting 675,000 more individuals is on the mysterious, unidentified device stolen from an intern’s car.
Strickland moved quickly to mail notices to taxpayers, former state employees dating back to 1999, vendors who had conducted business with the state and others as the seemingly minor crime continues to broaden and possibly threaten the financial security of an estimated 859,852 individuals and 258,529 businesses, vendors, school districts and others for a total of 1,118,381.
The governor repeated that people who believe their information could be in the data can search their name on a state Web site or call a toll-free number for assistance.
The State Highway Patrol also has a tip line and a post office box for anyone to anonymously mail in information about the theft, including a plea for the thief to deliver the device back to the state.
“While the state continues to believe it is highly unlikely that the information contained in the stolen device has been accessed, individuals affected by this latest announcement will be offered service by Debix,” Strickland said, referring to the firm hired to provide identity theft protection to anyone affected for up to a year.
About 58,400 people have signed up for Debix. The newly found names will cost the state an estimated $890,000 more.
Although Strickland continues to stress that the information would be difficult to decode without a high degree of technological finesse, a top official in the Ohio Department of Administrative Services (DAS) admitted that an outside vendor, Interhack Corp. of Columbus, hired to assist the state, has been able to access information contained within a similar database encrypted by the same software.
Hugh Quill, Strickland’s administrative services director, said he could not pinpoint a deadline for completing a check on the stolen data nor could he say whether more people and vendors could be affected.
Meanwhile, Republicans went into attack mode after the Democratic governor’s early morning news conference.
State Rep. Kevin DeWine, R-Fairborn, who co-chairs the Ohio Republican Party, said each weeks brings surprises and more bad news about how badly the data theft has been managed.
“Anyone who praised the Strickland administration for their swift action on this issue should be eating those words right now. The fact that it’s been more than a month since this data was stolen and Ohioans are still finding out who is affected is an outrage,” DeWine said.
State Sen. Kevin Coughlin, R-Cuyahoga Falls, said the cost to taxpayers is $2.2 million and growing.
“Since the theft, I have reserved judgment and given Gov. Strickland the benefit of the doubt as the case developed. As details emerge from the investigation, Ohioans have the right to question Ted Strickland and his ability to effectively run our state government,” Coughlin said.
Coughlin said each new set of details raises more questions, and he believes the legislature should consider an independent review of the theft and Strickland’s handling of it.
State officials now know the stolen file includes the names, Social Security numbers and the amount the individual received on personal income tax returns in 2005, 2006 and through May 29 of this year.
Strickland said this includes return checks cashed after May 29.
A subgroup of 14,874 individuals has had some business dealings with the state, but state officials have yet to determine the exact source of the data.
Some of these files include Ohio Department of Commerce and Ohio Lottery Commission data, and 3,471 of the individuals in the subgroup have personal bank account information on the stolen database.
Strickland said names and Social Security numbers of 8,123 former employees who worked for the state from Jan. 1, 1999, to July 31, 2001, and May 1, 2005, to June 12, are also on the database. Bank account information for 2,073 of those former employees is included.
The names of 86,986 vendors and their tax identification numbers, as well as bank account information for 10,840 vendors, also are on the device.
The Highway Patrol is working with the local police department on the crime. The Hilliard Police Department has offered a $500 reward for information about the theft.
Patrol Superintendent Richard Collins said no other law-enforcement agencies, including the FBI, have been formally involved in the investigation.
Collins would not say whether the patrol was investigating any effort by the thief to sell the information.
State officials acknowledged three people whose information is on the tape have reported incidents of identity theft, but the patrol believes there is no connection between the crimes and the data.
Dennis J. Willard can be reached at 614-224-1613 or dwillard@thebeaconjournal.com.
—–
To see more of the Akron Beacon Journal, or to subscribe to the newspaper, go to http://www.ohio.com.
Copyright (c) 2007, The Akron Beacon Journal, Ohio
Distributed by McClatchy-Tribune Information Services.
For reprints, email tmsreprints@permissionsgroup.com, call 800-374-7985 or 847-635-6550, send a fax to 847-635-6968, or write to The Permissions Group Inc., 1247 Milwaukee Ave., Suite 303, Glenview, IL 60025, USA.