Personal info exposed to outside contractor by CMS

CHARLOTTE, N.C. — The Charlotte Mecklenburg School District notified thousands of applicants an outside contractor had access to social security numbers without their consent two days ago, and officials have yet to answer questions from Channel 9.

Some of the affected applicants brought their concerns to Channel 9 and the head of the North Carolina Classroom Teachers Association.
 
"They were concerned about all the issues anyone else in society is concerned about whenever they know their personal information has been violated," Judy Kidd said.
 
Channel 9 has called and sent emails to CMS asking the following questions:

• How long ago has the database that exposed the applicants information been up and running?
• Will the district will pay for credit monitoring?
• How will CMS verify the vendor properly destroys the sensitive information, as required by state law?

"What is clear is there is a violation of privacy. What is not clear is how severe the situation really is," University of North Carolina at Charlotte Professor Bill Chu, Ph. D., said.
 
Chu teaches information security at UNCC and said people won't know the real risk until they get more information from CMS.

He said the breach highlights the need for more training.
 
"If people who are working different levels of CMS are properly trained to think about security, then perhaps this could have been avoided," Chu said.
 
A representative for the North Carolina Attorney General's Office told Eyewitness News, they consider this type of breach the same as a major hack.
 
A CMS representative told Channel 9 they are still working on getting responses to the list of questions.

WSOC