San Francisco Employees' Retirement System (SFERS)

San Francisco Employees' Retirement System (SFERS) experienced a data breach.

The Retirement System contracts with vendors to provide SFERS members with online access to their account information.

One of the vendors, 10up Inc., set up a test environment on a separate computer server which included a database containing data from approximately 74,000 SFERS member accounts but the server data was not subsequently updated.

This server had been accessed by an outside party on February 24, 2020.

The vendor had to shut down the server.

Source: https://mysfers.org/wp-content/uploads/2020/06/10up-Breach-SFERS-Notice-Website-FINAL.pdf

"id": "SAN1274123",
"linkid": "sfers",
"type": "Data Leak",
"date": "02/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"