RALEIGH, N.C. (AP) — A security breach has exposed the personal information of nearly 1,900 employees of a North Carolina county.
Wake County said in a news release on Friday that a phishing attack on somebody who worked for the county’s former flexible benefit spending administrator exposed the employees’ personal information.
The breach, which the county vendor discovered on Dec. 31, 2019, exposed the name, dates of service and partial Social Security numbers of most affected employees. Some employees had their names, addresses and full Social Security numbers exposed and will be eligible for free credit monitoring.
Interactive Medical Systems, which no longer administers Wake County’s flexible benefit spending accounts, confirmed the breach in a Jan. 29 letter to the county.
The company is sending letters to affected employees to notify them how they can protect themselves.
“It’s important to note that this was not a breach of a county system, nor was it caused by a county employee,” Wake County chief information officer Bill Greeves said in a statement.
The county’s statement said the decision to change vendors when Wake County’s contract with Integrated Medical Systems ended on Dec. 31 wasn’t related to the security breach.