Last month, the Texas Comptroller’s office admitted that it placed personal information – including names, addresses, social security numbers, birth dates, and driver’s licenses – of 3.5 million citizens on a publicly accessible computer server, a breach that is expected to cost the state $1.8 million to clean up.
In response to criticism of her handling of the breach, Combs said in a statement: "I am deeply sorry this incident occurred and I take full responsibility for it. This incident has affected the lives of Texans that I have dedicated my life to serving, and I am determined to restore their faith in the Comptroller's office. That's why we are taking additional actions to assist those who were affected and implementing new policies and procedures to help ensure this never happens again."
The additional actions include providing one year of credit monitoring and Internet surveillance to all those affected by the data breach and identity restoration services for those who have their personal information misused – paid for by Combs’ campaign fund.
Combs said her office would take additional steps to strenghthen data security, including: installing software that will provide automatic alerts when certain sensitive personal information moves into or out of the agency; hiring a chief privacy officer who will report directly to the agency's deputy comptroller; providing enhanced security awareness and training for personnel; implementing a new secure file transfer system that uses enhanced encryption; and obtaining an independent information security risk assessment for the office.