(KTXL) — We’re talking about names, social security numbers and other personal information of almost 770k retirees potentially being compromised.
Letters from CalPERS started going out to their retired members on Thursday about exactly what happened, and where they go from here.
CalPERS Chief of Public Affairs John Myers said, “In the world we live in, we hear about these things all the time now.”
“We’ve seen stories on other continents. We’ve seen state governments in the United States that have been reporting these concerns,” Myers continued.
The concern: A Russian ransomware gang, known as Clop’s, and its worldwide cybersecurity hack.
Myers said on June 6, CalPERS’ third-party contractor, PBI Research Services, first notified the government agency about a potential data breach.
Then on June 9, PBI confirmed that the information sent for them to verify was impacted.
According to Myers, work began that day to investigate the extent of the breach and what could be done about it.
“These people worked very hard for their pensions, we want them to know their pensions are secure, their money is not going to go away,” he said.
As a result, CalPERS says they have upped security measures.
Myers says the agency will be offering credit monitoring and identity theft protection services. They also have a newly dedicated call center to address concerns.
The California state teachers’ retirement system was also affected.
A member of CalSTRS spoke with FOX40 and said, “CalSTRS is working with PBI to identify the CalSTRS members whose information was involved in PBI’s incident. CalSTRS will provide notice to any members and beneficiaries whose personal information was involved in accordance with applicable law.”
Myers says CalPERS will no longer be sending additional information to the PBI research services/Berwyn group.
“The vendor had a problem which of course is our problem. We’re unhappy about that. We’ve taken these steps to make sure we don’t get into that again,” he said.
CalPERS officials spoke with FOX40, saying that the reason behind the two-week delay between confirming the breach and alerting retirees was that the agency wanted to make sure it understood the extent of the breach and had enough information to provide potential solutions for people whose information was compromised.