The identity thefts took place during the period from 2007-2013 but the insurance company did not know about the data thefts until December 2014 when they were notified by the IRS.
"the former employee’s personal cell phone was confiscated and pictures of screen shots from [the insurance company's] computer screens were found on it."Unfortunately, third parties, rather than the organization holding the PII, are often the first to discover identity thefts. However, this is not the case for organizations that utilize low-cost on-demand SaaS analytics to proactively detect identity thefts and data privacy breaches, even when a mobile phone is used to capture screenshots.
- insurance company letter to attorney general's office
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) Aetna Notification to Maryland State Attorney General's Office - www.OAG.state.MD.us, 03/29/2015