April 11-07

Georgia Health Officials announced Tuesday that a computer disk containing the names, addresses, birth dates and Social Security numbers of 2.9 million Medicaid and children's health care recipients is missing. .

The CD, which had been in the possession of business process outsourcer Affiliated Computer Services contained the sensitive data of Georgia residents enrolled in the state's Medicaid and PeachCare for Kids programs, the Georgia Department of Community Health said in a statement.

ACS holds a contract to handle health care claims for the state as well as contracts with federal, state and county offices across America.

PeachCare is Georgia's health insurance program for low-income children. Medicaid is a health insurance program for the poorest residents. Both programs are funded with a combination of state and federal dollars.

Officials said the information, including addresses, covered the four-year period up to June 2006 and included some people who are no longer on the rolls.

The CD was lost while it was being shipped from Georgia to Maryland, ACS spokesman David Shapiro said. The company has been working with the carrier, which Shapiro would not identify, for several days to find the package, he said.

"We are treating this as a missing package," he said. Shapiro wouldn’t comment on whether the data on the disc was encrypted.

ACS had to physically transport the media to the Georgia DCH "because the volume was too great for e-mail," the spokesman said.

The Georgia DCH said it has ordered ACS to provide all affected residents with written notification about the incident and assistance with credit monitoring in case the data has fallen into the hands of identity thieves.

According to the ACS spokesman, the company will review its internal procedures for transporting sensitive data once the investigation is complete. "If we need to tighten up certain areas then we will do that" said the spokesman.

Not the First Time

This blunder is the latest of many  that charge ACS and founder Darwin Deason with putting Americans at risk. The company, which was named among the world's top outsourcers of American data by ContactCenterWorld.com's, has been plagued by security breaches since January 2000.  

The number of  individuals whose private data has been compromised by ACS security breaches now tops 4.6 million including the founder's own Social Security number. Last January,  FindMyID.com researcher Janice Forster reported she found Social Security numbers belonging to Deason and his wife displayed on a county website.

Learn how comprehensive identity theft protection from Lifelock can protect you from criminals when government websites compromise your security.