MILWAUKEE (WITI) -- The car of a Dynacare Laboratory employee that was stolen on October 22nd apparently contained City of Milwaukee employee information. City officials were notified of the breach at 1 p.m. on Friday, November 15th.
More than 5,000 city employees and their spouses make up the group that had their information compromised.
Officials say inside that car was a flash drive that contained city employee information which included employee names, addresses, dates of birth, Social Security numbers and gender. No financial information, medical records or test results were included in the database.
"We were outraged. How in God's name would you put this information, this important information, about city employees on a flash drive? This should be secure information that is protected," said Milwaukee Mayor Tom Barrett. "We are very upset with this incident, how it's handled, how it occurred and how we were notified."
Dynacare Laboratories is a contractor used by Froedtert Health Workforce Health in connection with the City of Milwaukee Wellness Program.
In a statement, officials say the "City of Milwaukee is committed to the protection of the personal information of its employees and will work with Froedtert Health to determine the full circumstances underlying this incident and pursue appropriate corrective measures."
City employees will apparently be receiving a separate letter from Dynacare Laboratories about this incident with information about the risks of identity theft and an offer of one-year free membership in “ProtectMyIDAlert” an identity theft notification program.
The incident also affects a group of patients who received testing from Dynacare Laboratories between August and October 2013.
Dynacare released a statement reading: Dynacare is committed to maintaining the privacy and security of the personal information it maintains, and it deeply regrets any inconvenience this may cause its patients. To help prevent something like this from happening in the future, Dynacare is conducting a comprehensive internal review of its policies and procedures and re-enforcing education to its employees on the importance of safeguarding patient information.
It is still unclear whether anyone has actually misused any of the personal information.