As if CalPERS didn’t have enough of a problem simply with incompetent portfolio management and an incessant need to play “catch up” to try and meet its fund’s obligations, the nation’s largest public pension fund is now dealing with a massive data breach.
CalPERS saw the personal information of 769,000 of its retired members exposed in a third-party breach earlier this month, KCRA reported this week. The fund serves more than 2 million members in its retirement system and 1.5 million in its health system, the report says.
The California State Teachers’ Retirement System, the second largest pension fund in the U.S., also suffered from the breach. It has more than 947,000 members.
This week CalPERS said that its third party vendor, PBI Research Services, had notified it of a “vulnerability” with software used to identify member deaths and make sure payments are distributed correctly. It told CalPERS the issued had since been fixed.
The app contains identifying information, including full names, birth dates and social security numbers. This information was accessed by an “unauthorized third party” the report says, also noting that names of family members may have also been exposed.
The third party told CalPERS that it found the issue “at the end of May” and that it was “actively being exploited by cyber criminals.”
In a statement, PBI said: “PBI promptly patched its instance of MOVEit, assembled a team of cybersecurity and privacy specialists, notified federal law enforcement and contacted potentially impacted clients. The cyber criminals did not gain access to PBI’s other systems – access was only gained to the MOVEit administrative portal subject to the vulnerability. PBI is working directly with impacted clients to identify impacted consumers and develop notice plans.”
And it isn’t just CalPERS that was affected: “thousands” of other organizations have also been impacted, the report says, including the U.S. Department of Energy and other federal agencies. Over 9 million drivers in Oregon and Louisiana, Johns Hopkins University, the Ernst & Young accounting firm were also exposed.
Randy Cheek, legislative director for the Retired Public Employees’ Association of California, concluded: “I felt just… flabbergasted that they didn’t say anything to anybody before this. We should have known. We should have been able to check our accounts.”
CalSTRS said in a statement: “This incident did not involve unauthorized access to CalSTRS’ network. CalSTRS is working with PBI to identify the CalSTRS members whose information was involved in PBI’s incident. CalSTRS will provide notice to any members and beneficiaries whose personal information was involved in accordance with applicable law.”
Article cross-posted from Zero Hedge.
What Would You Do If Pharmacies Couldn’t Provide You With Crucial Medications or Antibiotics?
The medication supply chain from China and India is more fragile than ever since Covid. The US is not equipped to handle our pharmaceutical needs. We’ve already seen shortages with antibiotics and other medications in recent months and pharmaceutical challenges are becoming more frequent today.
Our partners at Jase Medical offer a simple solution for Americans to be prepared in case things go south. Their “Jase Case” gives Americans emergency antibiotics they can store away while their “Jase Daily” offers a wide array of prescription drugs to treat the ailments most common to Americans.
They do this through a process that embraces medical freedom. Their secure online form allows board-certified physicians to prescribe the needed drugs. They are then delivered directly to the customer from their pharmacy network. The physicians are available to answer treatment related questions.
Reach out to Jase Medical today and use promo code “Rucker10” for $10 off your order.
Important: Our sponsors at Jase are now offering emergency preparedness subscription medications on top of the long-term storage antibiotics they offer. Use promo code “Rucker10” at checkout!