5,000 notified of DNR security breachby Matt Sepic, Minnesota Public Radio
ST. PAUL, Minn. — The Department of Natural Resources is notifying about 5,000 Minnesotans that an employee improperly accessed their driving and motor vehicle records.
The Bureau of Criminal Apprehension investigated and the employee allegedly involved no longer works for the department, DNR spokesman Chris Niskane said. He could not divulge why the employee allegedly looked at the records or whether the employee was fired.
No criminal charges have been filed so far.
"We don't have any tolerance for this kind of behavior," Niskane said. "We take this responsibility pretty seriously and we're looking into every possible avenue to ensure that it doesn't happen again."
Niskanen said it is unlikely the data were used for criminal purposes, but he advises anyone affected to monitor their credit reports. The agency reported the breach to the three main credit reporting agencies.
"We sent these letters out because it's the right thing to do. It's the right thing to notify people when something like this happens," Niskanen said. "We believe that there's a very low risk of any sort of malfeasance here. It doesn't appear to be so, but we wanted folks to know."
Niskanen also could not identify where the employee worked in the DNR, but said "several hundred'" DNR employees have a "business need-to-know'" that gives them access to the data, including people in game and fish licensing; those who investigate game, fish and recreational vehicle violations; and those involved in registering recreational vehicles including ATVs and snowmobiles.
It's illegal to access drivers' license data without a legitimate government purpose, but state audits have found that misuse is common and a number of public employees have faced discipline for it. Several cities have recently agreed to settlements totaling over $1 million with a former Eden Prairie police officer who alleged her private data was improperly viewed by more than 140 officers from various departments.
In a statement, DNR Commissioner Tom Landwehr said, "The agency is implementing additional employee training and looking into ways to monitor access to the data to ensure it doesn't happen again."