Data Breach of a retirement system in San Francisco

July 4, 2020
retirement system san francisco data breach

Cybercrime experts recently reported that the breach of the San Francisco Employees Retirement System that leaked out sensitive information of registered active and retired employees for their retirement program. An in-depth report concluded that the leakage came through after unauthorized access was gained on the test environment created by the contracted developer for their website. It stated that 74,000 member information is used on the database for this test. The access was said to happen on February 24, 2020, but the developer only learned the intrusion on March 21, 2020.  The formal investigation of the developer and San Francisco Retirement Employee Department began on March 26, 2020. But the filing of the breach to public knowledge just happened recently.

The developer reported that the data used in the test environment were from the records that the system captured since August 2018. The San Francisco Employees Retirement Department confirmed that the information is still intact on their server. But unable to see any evidence that if it was viewed or copied by the perpetrator. The data that allegedly leaked the names, addresses, birthdate, list of beneficiaries declared for this program, and some bank accounts intended to deposit their claim. Furthermore, if the member or client registered online, chances that the breach also exposes their login credentials and security questions to this rupture.


The San Francisco Employees Retirement Department released an official statement about the breach and advisory to its members to be vigilant for any phishing scams that may occur due to this incident.


Members must contact the department for any solicitation they may receive through call, SMS, and emails for its legitimacy. Also, as part of the department mitigation plan, they provided affected members of a monitoring service for their account. The monitoring services include credit history as part of their identity theft prevention for possible misuse of their credentials.

The investigation about this issue is still ongoing, including the magnitude of its possible scarring. A cited sample to learn on this issue is always to have secured storage of sensitive information. Especially those who work with essential databases as such leaks or intrusion can lead to business or entities defacement. Regular health check and scanning is a must to ensure that our storage may not be compromised. Else we can immediately devise a mitigation plan to avoid fatal damage.

About the author

Leave a Reply