ACS Data Breaches top 4.6 Million
Affiliated Computer Services, Inc. (NYSE: ACS), a provider of diversified business process outsourcing (BPO) and information technology outsourcing (ITO) solutions to commercial and government clients worldwide has been plagued by data breaches dating back to January 2000.
ACS is a FORTUNE 500 company of 58,000 people in over 100 countries. Security breaches attributed to the Dallas based company could impact more than 4.6 million Americans.
April 2007: Health Officials in Georgia announced that a computer disk under ACS control containing the names, addresses, birth dates andnumbers of 2.9 million Medicaid and children's health care recipients is missing.
January 2007: FindMyID.com researcher Janice Forster reported she found Social Security numbers belonging Darwin Deason and his wife displayed on a county website. The number appeared on a special warranty deed signed by Deason. Forster notified the ACS founder of his exposure in an open letter but received no response.
October 2006: ACS announced that personal information on as many as 1.4 million Coloradoans may be in the hands of thieves after someone stole a computer from the company’s Colorado office. The computer contained child support payment information and information on newly hired employees of the Colorado Dept. of Human Services.
September 2006: A security breach by ACS exposed private information of student loan borrowers from Aug. 20-22 during a computer software upgrade. Users of the Direct Loans Web site were able to view information other than their own if they used certain options, according to the Privacy Rights Clearing house which maintains a database of security breaches. 21,000 accounts were compromised. Direct Loans is part of the William D. Ford Federal Direct Loan Program within U.S. Dept. of Education and Federal Student Aid
July 2006: A tape en route to ACS was lost when shipped by FedEx to the company’s Dallas headquarters. The tape contained private information on 13,700 current and former employees of Cablevision Systems Corp.
February 2006: Credit card information on people who paid by card for parking at the Denver International Airport was on a backup tape stolen from ACS. The backup tape contained records for seven years. No number of records or individuals was estimated. DIA changed its procedures so that ACS was no longer allowed to store credit card information on any systems at DIA.
June 2005: Two computers containing personal information on as many as 68,000 Motorola employees were stolen from the mobile phone maker's human resources services provider, Affiliated Computer Services. The data on the stolen computers included names and Social Security numbers but no financial information Motorola offered affected employees fraud insurance coverage at no charge.
January 2000: A subcontractor to ACS Government Solutions Group, was the target of a raid by the U.S. Immigration and Naturalization Service at the Air Force Personnel Centers located at Randolph Air Force Base in San Antonio Texas. A statement from the Air Force said the workers had access to the personal records of 352,263 active duty troops, civilian workers and their families.