On August 29, 2024, Public Agency Retirement Services (PARS) reported a data breach to the Attorney General of California. The breach occurred due to a phishing attack, which allowed an unauthorized party to access an employee’s email account. This access enabled the party to view sensitive information between March 11, 2024, and March 14, 2024. Upon discovering the breach, PARS immediately secured the affected account and launched an investigation with the help of cybersecurity experts.
PARS determined that the compromised emails contained sensitive consumer information related to government employees. Although specific details about the data types affected were not made publicly available, personalized notification letters were sent to individuals impacted by the breach. These letters provide details on what personal information was exposed.
PARS specializes in designing and managing retirement products for public agencies, which is how it collects personal data from various government employees. The company has emphasized that it has taken corrective measures to prevent similar incidents in the future, including securing its systems and investigating the breach’s full extent.
Founded in 1984, PARS offers retirement services to municipal governments, school districts, and higher education institutions. The company, which employs over 101 people, has stated its commitment to protecting personal data and improving its security infrastructure in response to the recent breach.
Reference:
