The California Treasurer this week called on the boards of CalPERS and CalSTRS to take action after a data breach exposed the personal information of more than one million retired members. The California Civil Service Retirement System announced last week that approximately 769,000 retired CalPERS and CalSTRS members have retired. Their family was exposed in a third-party data breach reported on June 6th. The California Teachers Retirement System announced that her 415,000 of its members and beneficiaries were affected. CalPERS and CalSTRS are her two largest public pension funds in the United States. Fiona Marr, a member of both boards, said in a letter to her CEO of each system this week that the vendor was “extremely concerned” about the breach involving PBI Research. . service. Read the letter to CalPERS here. Read the letter to CalSTRS here. PBI helps organizations like CalPERS identify member deaths and ensure proper payments are made to retirees and their beneficiaries. A vulnerability in PBI’s MOVEit Transfer Application allowed data such as first and last name. In a statement, PBI said the vulnerability was identified “at the end of May” and “is being actively exploited by cybercriminals.” Not involving CalPERS or CalSTRS own information systems also affected other organizations across the country. Ma called on CalPERS and CalSTRS to convene a special meeting of the Trustees “at the earliest possible opportunity.” The letter provides the board with a “complete description of the timeline of events, staff behavior after a breach was detected, current data security measures and protocols, and plans to prevent future intrusions of this type. We ask that you receive a thorough explanation from the staff.” He provided further details on whether there were discussions about whether agencies should continue to use PBI, when officials became aware of the attack, and what action was taken in response. Said he wanted to know. She also asked for numbers on how many fraud reports there were related to the breach. KCRA 3 has reached out to CalSTRS and CalPERS for comment on this letter. A CalSTRS spokesperson said the agency plans to add the data breach topic to the closed-door session agenda at its offsite board meeting July 25-27 in La Jolla. A spokesperson said no members had reported any misconduct to CalSTRS since the leak. CalPERS spokeswoman Amy Morgan said the board was “fully briefed last week and held a public meeting with interested parties on the matter.” President and CEO Theresa Taylor and CEO Mercy Frost met with Ma on Tuesday, saying, “A new update may be taken up at the July off-site board meeting and a special She agreed that no meeting was necessary.” The meeting will be held from July 17th. 19th in Monterey. CalPERS said it was not aware of any reports of possible misconduct by its members since the leak. Last week, the agency wrote to affected members about the breach and announced that it would provide two years of free credit monitoring for Experian.
The California Treasurer this week called on the boards of CalPERS and CalSTRS to take action after a data breach exposed the personal information of more than one million retired members.
The California Civil Service Retirement System announced last week that approximately 769,000 retired CalPERS members and their families were affected in a third-party data breach reported on June 6.
The California Teachers’ Retirement Plan said 415,000 of its members and beneficiaries were affected.
CalPERS and CalSTRS are the two largest public pension funds in the country.
Fiona Marr, a member of both boards, said in a letter to the system CEOs this week that she was “extremely concerned” about the breach involving vendor PBI Research Services.
PBI helps organizations like CalPERS identify member deaths and ensure proper payments are made to retirees and their beneficiaries.
A vulnerability in PBI’s MOVEit Transfer Application could allow an unauthorized third party to download data such as first and last name, date of birth, and social security number.
In a statement, PBI said the vulnerability was identified “at the end of May” and “is being actively exploited by cybercriminals.”
The breach did not involve CalPERS or CalSTRS’s own information systems, but it also affected other organizations around the country.
Ma called on CalPERS and CalSTRS to convene a special meeting of the Trustees “at the earliest possible opportunity.”
The letter provides the board with a “complete description of the timeline of events, staff behavior after a breach was detected, current data security measures and protocols, and plans to prevent future intrusions of this type. We ask that you receive a thorough explanation from the staff.” ”
He would like to know more about whether there have been discussions about whether agencies should continue to use PBI, when officials became aware of the attack, and what action was taken in response. said I want to
He also asked for numbers on how many fraud reports there were related to the breach.
KCRA 3 has reached out to CalSTRS and CalPERS for comment on this letter.
A CalSTRS spokesperson said the agency plans to add the data breach topic to the closed-door session agenda at its offsite board meeting July 25-27 in La Jolla.
A spokesperson said no members had reported any misconduct to CalSTRS since the leak.
CalPERS spokeswoman Amy Morgan said the board was “fully briefed last week and held a public meeting with interested parties on the matter.”
President and CEO Theresa Taylor and CEO Mercy Frost met with Ma on Tuesday, saying, “A new update may be taken up at the July off-site board meeting and a special She agreed that no meeting was necessary.”
The meeting will be held in Monterey from July 17-19.
CalPERS said it was not aware of any reports of possible misconduct by its members since the leak.
Last week, the agency wrote to affected members about the breach and announced that it would provide two years of free credit monitoring for Experian.