City of Janesville accidentally releases social security numbers

The City of Janesville's response to one company's open records request may have been a little too open.

The City of Janesville recently discovered that on January 2, 2014, a Vendor List was provided to the company Smart Procure pursuant to a Public Records Request which included the social security numbers of 758 vendors. Smart Procure is a company specializing in gathering purchasing data from local, state and federal agencies. The purchasing data is used by private businesses to seek new customers for their goods and services and assist them in bidding for government contracts.

Upon discovering the error, the City demanded that Smart Procure destroy all the Personally Identifiable Information provided by the City. An investigation of the company’s practices revealed that information (including vendor name, address and purchase order information) for 15 of the vendors was posted to the company’s website. The website did not publish any social security numbers. Three employees of Smart Procure were the only individuals that had access to the sensitive information.

The City does not foresee any adverse effects occurring to any of the 758 vendors as a result of the inadvertent release of information. However, in an effort to provide peace of mind to those vendors whose information was released, the City is offering Identity Theft Protection service through LifeLock free of charge for one year to any vendor electing to participate. The City has contacted each of the vendors through mail, and has established a telephone hotline to answer questions. The City is sincerely apologetic for the error, and is in the process of examining current policy for the release of public records.

Please contact the City’s hotline established to handle this matter with any questions or concerns at (608) 373-6000.