NYSEG Explains Security Breach to Customers

Customers of NYSEG (New York State Electric & Gas) received a letter saying that records of their Social Security number, birth date, and perhaps bank account numbers have been breached. What the company calls "unauthorized access to one of [its] customer information systems," has resulted in credit card and other information being released by a contract employee.

NYSEG sent a letter to affected customers, encouraging them to monitor their accounts for unauthorized activity and offering a free credit report and a credit monitoring service for a year. NYSEG also posted a Q&A for concerned customers.

Clayton Ellis, a spokesperson for NYSEG, denied malicious intent or misuse so far:

"We need to emphasize too that there's absolutely no evidence through our investigation so far that any of our customer data has actually been misused or that there was any malicious intent on this individual's part."

Discussion Starters:

  • Assess NYSEG's letter to customers. If you were a customer, what would you find reassuring? What could be improved?
  • Also assess the Q&A. Same: what is reassuring, and what could be improved in this communication?