Social Security Numbers on State Websites

Earlier this week, Ohio Secretary of State Ken Blackwell was blasted when The Cincinnati Enquirer reported that there was an unknown number of Social Security numbers belonging to Ohio residents posted in business filings on the state’s website.

According to an article on USATODAY.com, it’s not uncommon for Social Security numbers and other such information to be readily available on state websites. Similar data is available on New York and Florida sites, as well as on seven other state sites, USA Today reports.

“When you have state agencies putting this stuff online, you are spoon feeding criminals valuable information,” Betty Ostergren, a privacy activist whose husband twice fell victim to identity theft schemes, told USA Today.

Sherri Dembinski, Secretary Blackwell’s chief of staff, told USA Today that the majority of Social Security numbers on the state’s site are from lien forms used between July 2001 and May 2002, and that some 150,000 of these forms are filed every year. Dembinski also told USA Today that filling in a Social Security number on a lien form is optional.

Blackwell’s chief of staff claims Ohio has done nothing wrong because state law calls for those filings to be processed within two days and posted by the next day so that they’re available to lending institutions and other interested parties, USA Today reports.

A spokesman for Blackwell, James Lee, told USA Today that even though the state didn’t break any laws, it is considering removing the Social Security numbers from its site.

For related coverage, read Ore. Health Data Breach Results in Loss of 4 Jobs, McAfee Employee Data Lost By Auditor and When the Dike Breaks: Responding to the Inevitable Data Breach.

Keep checking in at our CSO Security Feed page for updated news coverage.