14 DAY TRIAL // The Office of the Texas Comptroller has been named as defendant in a lawsuit seeking $3.5 billion in damages after the institution exposed the personally identifiable information of millions of people.
This is actually the second lawsuit filed in response to the Comptroller's office leaving sensitive records available on a publicly accessible web server for over a year.
The breach was discovered back in March and concerns records submitted by the Teacher Retirement System of Texas (TRS), the Texas Workforce Commission (TWC) and the Employees Retirement System of Texas (ERS).
The exposed data includes the names, mailing addresses, dates of birth, driver's licence numbers and Social Security numbers of 3.5 million Texas residents.
"We are seeking the $1,000 statutory penalty for each of these individuals whose privacy was violated by the Comptroller," said attorney Muhammad Aziz, who represents plaintiff Sherry A. McClung, a Lufkin school teacher, in the lawsuit.
The Comptroller's office has already spent around $1.2 million in sending notification letters to all affected individuals and setting up a phone hotline.
Following the incident the institution fired its chief of information security, its head of innovation and technology department and three other employees who failed to follow internal policies.
"I am deeply sorry for what happened and my office is taking actions to assist those who were affected and implementing new policies and procedures to help ensure this never happens again.
"I cannot comment on any litigation, but I can say that we will work with the Office of the Attorney General and provide them the information they need in responding to any legal action," the Texas Comptroller Susan Combs told the Houston Chronicle.
The Office is offering all affected individuals a one-year free subscription with a credit monitoring service through a company called CSIdentity.