In August of this year, an error on the Department of Housing and Urban Development website spilled data on as many as 600,000 individuals. Three long months after the leak happened it finally came to light after a HUD client received a letter in the mail and shared it with reporters in Fargo.
Fargo Housing and Redevelopment Authority Executive Director Lynn Fundingsland told Valley News Live that she thought the letters might be a scam when they were first brought to her attention. After checking with her colleagues in Washington, she learned that they were completely legitimate.
The letters, sent from the office of HUD Senior Agency Official for Privacy Helen Goff Foster, detail the information that was exposed. For public housing residents, the information included only last names and partial social security numbers. Other individuals affected by the leak didn’t get off as easy.
According to the breach notice, “information relating to some people who worked for employers that sought HUD/Empowerment Zone-related tax credits, including name, address, and full or partial social security numbers, was also disclosed.” Exposure of social security numbers is considered one of the worst things that can happen in a data breach or leak, since it could allow an identity thief to apply for credit, file fraudulent tax returns, or steal benefits.
I’ve reached out to the Department to confirm the actual number of records that may have been exposed. As for whether or not any unauthorized third parties managed to get their hands on the data, HUD’s official notice states that they are unaware whether it was “accessed or used during the time it was available.”
To help protect those who were exposed, HUD is offering potential victims a year of credit monitoring via TransUnion.