Data breach prompts review at Mo. teacher pension fund

JEFFERSON CITY, Mo. -- Officials with the pension fund serving teachers and other public school employees in Missouri say they're reviewing safety protocols after a data breach last month.

A notification Friday from the Public School and Education Employee Retirement Systems of Missouri said the incident happened Sept. 11 when a system employee's email account was accessed by an unauthorized individual. The incident was reported Monday by the St. Louis Post-Dispatch.

The notification said the email account was quickly disabled and the unauthorized person failed to gain access to the organization's internal operating system.

The pension program serves more than 128,000 active members and more than 100,000 retirees and their beneficiaries.

No further details about the incident were released.

Last week, Gov. Mike Parson threatened criminal prosecution of a Post-Dispatch journalist who uncovered an unrelated data flaw at the Missouri Department of Elementary and Secondary Education. The newspaper found the Social Security numbers of school teachers, administrators and counselors were vulnerable to public exposure.

The vulnerability was discovered in a web application that allowed the public to search teacher certifications and credentials. The department removed the affected pages from its website Oct. 12 after being notified of the problem by the Post-Dispatch, which held off publishing the story until the affected pages were taken down.

But Parson accused the newspaper of "hacking." The Post-Dispatch's publisher, Ian Caso, said the journalist "did everything right."