On January 31, 2018, 2017 Form W-2s were made available electronically to Cedarville employees. Shortly after the notification was sent, an employee informed us that when he accessed what was supposed to be his 2017 W-2, another employee’s 2017 W-2 was displayed. Upon learning of the issue, we immediately began an investigation and promptly shut down all electronic access to 2017 tax forms.
During the investigation of what occurred, which included the direct involvement of the external software vendor, we learned that a software error had occurred that resulted in a limited number of 2017 tax forms being potentially viewable by other Cedarville employees. If you are affected, you will receive a letter to your home address with instructions. While we know of only two incidents where this may have occurred, we believed it was prudent to alert any employee who could have been affected in order to provide an opportunity for them to ensure their personal information was protected.
As part of the investigation, the vendor was able to identify that the tax forms of 241 individuals were potentially viewable by someone other than the correct employee. However, the vendor could not confirm which tax forms were actually viewed or accessed. In an abundance of caution, we notified those individuals that their tax forms were among those potentially viewable by another current or former Cedarville employee with login access. The information was not disclosed on the open web.
Note that we have no evidence that any information was misused. Nevertheless, we wanted those individuals to be aware of the incident and encourage them to consider protecting themselves against any potential misuse.
To assist them, we have offered a complimentary one-year membership to an identity protection service and suggested other precautionary measures they could take to protect their personal information.
We sincerely regret that this incident occurred and are working closely with the software vendor to ensure that they are using best practices and are making all necessary improvements so that the problem is completely resolved. In addition, we have added new internal precautions and are continually evaluating and modifying our practices and controls to enhance the security and privacy of your personal information.
If you have any further questions regarding this data incident, please contact Human Resources at 937-766-7885.
Posted in: Uncategorized