Skip to Top Main Navigation Skip to Content Area Skip to Footer
Texas Department of Insurance
Topics:   A B C D E F G H I J K L M N O P Q R S T U V W X Y Z All

Notice of data security event

Español

TDI notified people whose workers’ compensation claim information may have been affected by a recent data security event.

We take this event and the security of the information in our care seriously. When we became aware of the issue, we immediately took the application offline, quickly fixed the issue, and started an investigation to determine the nature and scope of the event.

TDI also worked with a forensics company to search the web for evidence of misuse of the information and no evidence has been found to date.

What happened?

  • On January 4, 2022, we became aware of a security issue with a TDI web application that manages workers’ compensation information.
    • We temporarily disconnected the web application from the internet.
    • We found the issue was due to programming code that allowed internet access to a protected area of the application.
  • We fixed the programming code issue and put the TDI web application back online.
  • We began an investigation to find the nature and scope of the issue. This included:
    • Finding out whose information was or may have been viewed by people outside of TDI.
    • Searching the web for evidence of misuse of the information. To date, we have not identified evidence of misuse.

What information was involved?

The types of information that may have been accessible include names, addresses, dates of birth, phone numbers, part or all of Social Security numbers, and information about injuries and workers’ compensation claims.

What steps we took.

  • We worked with a forensic company to investigate the nature and scope of the event.
  • We reviewed and enhanced our policies, procedures, and security efforts.
  • We sent a letter to people who had a new workers’ compensation claim between March 2019 and January 2022 and who may have been affected by the event.
  • We offered 12 months of credit monitoring and identity protection services at no cost to those who may be affected. The sign-up deadline was September 30.

What you can do.

We encourage you to stay alert for errors, suspicious activity, and identity theft and fraud by reviewing your account statements and monitoring your free credit report. To learn more, read the “Credit monitoring and guidance” section below.

Questions?

Call our Help Line at 800-252-3439.

Credit monitoring and guidance

Monitor your accounts

  1. Ask for a free credit report

    Under U.S. law, you can get one free credit report every year from each of the three major credit reporting bureaus: Equifax, Experian, and TransUnion.

    To order your free credit report, visit www.AnnualCreditReport.com or call 877-322-8228 (toll-free). You also can contact the three major credit reporting bureaus listed below.

  2. Place a fraud alert on a credit file

    You can place an initial or extended “fraud alert” on a credit file for free. To do this, contact one of the three major credit reporting bureaus listed below.

    • Initial fraud alert: A one-year alert that can be placed on your credit file. When a business sees this alert, it must check your identity before giving new credit.
    • Extended fraud alert: If you are a victim of identity theft, you can get an extended fraud alert. It’s an alert that can be placed on your credit file for seven years. When a business sees this alert, it must check your identity before giving new credit.
  3. Place a credit freeze on your credit report

    Instead of a fraud alert, you can ask credit reporting bureaus to place a “credit freeze” on your report. This will mean the credit reporting bureau can’t give out your personal and financial information without you agreeing to it. Under U.S. law, you can’t be charged to place or remove a credit freeze on your credit report.

    Note: A credit freeze may delay, interfere with, or not allow timely approval of a request or application for a: (1) new loan, (2) credit, (3) mortgage, or (4) any account involving a request for credit.

    To ask for a credit freeze, you will need to give the three major credit reporting bureaus:

    1. Your full name, including middle initial and Jr., Sr., II, III, etc.
    2. Your Social Security number.
    3. Your date of birth.
    4. Your addresses for the past two to five years.
    5. Proof of current address, such as a current utility bill or phone bill.
    6. A clear copy of a government-issued ID card, such as a state driver’s license or ID card.
    7. If you are a victim of identity theft, a copy of either the police report, investigative report, or complaint to a law enforcement agency about the identity theft.

The three major credit reporting bureaus

General contact information


Fraud alert contact information

Equifax Fraud Alert
P.O. Box 105069
Atlanta, GA 30348-5069

Experian Fraud Alert
P.O. Box 9554
Allen, TX 75013

TransUnion Fraud Alert
P.O. Box 2000
Chester, PA 19016


Credit freeze contact information

Equifax Credit Freeze
P.O. Box 105788
Atlanta, GA 30348-5788

Experian Credit Freeze
P.O. Box 9554
Allen, TX 75013

TransUnion Credit Freeze
P.O. Box 160
Woodlyn, PA 19094

More information

To learn more about identity theft, fraud alerts, credit freezes, and the steps you can take to protect your personal information, contact:

  • A credit reporting bureau: See above for the websites and contact information for the three bureaus.
  • The Federal Trade Commission (FTC): If your information has been misused, the FTC encourages you to file a complaint with them. To learn how or get more information about other steps you can take, go to IdentityTheft.gov or contact the FTC at:

    600 Pennsylvania Avenue NW
    Washington, DC 20580

    877-ID-THEFT (877-438-4338)
    TTY: 866-653-4261

  • Your local police department: You should file a police report if you experience identity theft or fraud, or suspect identity theft. To file a report, you will likely need to give some proof that you have been a victim.
  • Your state’s Attorney General.
Last updated: 1/4/2023