This is an archived article that was published on sltrib.com in 2015, and information in the article may be outdated. It is provided only for personal research purposes and may not be reprinted.
Sensitive personal information may have been exposed this summer for an unspecified number of people who filed workers compensation or third-party claims with Salt Lake County.
County Mayor Ben McAdams released a statement Monday afternoon saying the county is working to identify individuals whose information may have been compromised between June 18 and Sept. 9 during a systemic upgrade by Systema Software, a company based in Larkspur, Calif., that provides claims-administration software related to workers compensation, auto and property insurance for numerous governments and private clients in three states.
McAdams' spokeswoman, Alyson Heyrend, said later the number is still being tabulated.
"Some of the online bloggers have used an erroneous number of 29,000 [in Salt Lake County]," she added. "It is quite a bit smaller than that, I think, but I can't give you an exact number."
She said county officials do not believe the exposure resulted in misuse of the personal information.
Still, the county has notified its 3,000-plus employees of the situation and set up a call number if they have questions.
In addition, Heyrend said, "every single person in the database that we can ascertain had exposure will get a letter from the county, describing the services available to them."
Modern Healthcare, a news publication focused on the industry, reported that 1.5 million records were exposed in California, Utah and Kansas by a man in Texas.
"The data included police injury reports, drug tests, detailed doctor visit notes and Social Security numbers," Modern Healthcare reported.
Systema released a statement later Monday afternoon acknowledging "a single individual gained unapproved access into our data-storage system containing data belonging to certain Systema clients."
"This individual self-reported this discovery to [Systema], the proper authorities and impacted clients … and provided written confirmation to the Texas attorney general that he has not shared or used the data inappropriately," Systema added, noting the Texas attorney general has secured the company's hard drive.
The company said it immediately launched a comprehensive internal review to gauge the event's scope, notified impacted organizations and cooperated with state and federal authorities and a forensic information technology firm in an investigation.
"We believe the issue has been contained," the company statement said, adding "as is common with similar events, until the investigation is completed, it will be difficult to confirm the full scope of the incident. But we will continue to work vigilantly to address this issue … and enhance our data-security policies."
Salt Lake County is in a similar mode, McAdams' statement said.
"The county is conducting a thorough review of its data-security oversight procedures to ensure our third-party vendors have the proper security measures in place," he said.