CONCORD -- Kindergarten teacher Janice Winsby got an unwelcome call from her bank on Christmas Eve: Someone had been using her credit card.
Although Winsby knows this type of thing happens often, she's more concerned than usual because she received a letter from the Mt. Diablo school district two days earlier saying a laptop containing confidential employee information had been stolen from the district office.
"I thought maybe I should call the Concord Police Department because they were the ones investigating the burglary," Winsby, a teacher at Cambridge Elementary School, said Friday. "But I haven't done it. It's kind of hard to prove any connection."
Still, Winsby and other employees are wondering whether the security breach that affected nearly 16,000 district employees and retirees -- along with about 2,200 current and former employees in the Berkeley school district -- could lead to identity theft.
The Dec. 18 letter sent to Mt. Diablo employees said the information was related to people who worked in the district between 1998 and 2010. But retired teacher Pat Teschner said she has been contacted by three retirees who received the letter even though they left the district earlier than 1998, including one who retired in 1993.
"She's in her early 80s and was very confused and frightened by it," Teschner said. "And she would like to know if it applies to her or not."
Chief Financial Officer Bryan Richards said the data was transferred to his laptop from a computer that had been used by the previous chief financial officer. A Berkeley district payroll file was also on the laptop, according to a Friday letter from Mt. Diablo Superintendent Steven Lawrence to affected Berkeley employees.
"We believe a former Berkeley Unified School District employee who then came to work for the district and has since left inadvertently transferred the file to the district's computer," Lawrence wrote.
Berkeley school district spokesman Mark Coplan said the person believed to have accidentally taken the information to Mt. Diablo was a short-term, temporary Berkeley employee. Coplan said his district sent a letter to affected employees the week before Christmas to inform them about the breach.
"We want our employees to know about it and that police are following up and that Mt. Diablo is taking care of it," he said. "But we really don't anticipate anyone's information actually being used."
The Mt. Diablo district offered its employees and retirees a free one-year membership in an identity theft protection program. The district is also offering the membership to affected Berkeley employees.
Mt. Diablo district employees also received contact information for credit reporting agencies and the Federal Trade Commission, along with a suggestion to contact police or the state Attorney General's Office if identity theft is suspected. FTC attorney Evan Rose said people whose confidential data has been stolen should monitor their credit cards and bank accounts closely and request free credit reports from each of the three credit reporting agencies every four months.
If they believe they are the victims of identity theft, they can file police reports and place fraud alerts or freezes on their credit, he added.
Winsby, who previously worked in Chevron's information technology department, wonders why the information was on the laptop at all.
"It seems to me that data like that should not be on a computer," she said. "A lot of questions need to be answered."
Those affected by the security breach can call Mt. Diablo school district General Counsel Greg Rolen at 925-682-8000 ext. 4001.
Information about identity theft protection is available by calling the Federal Trade Commission at 877-438-4338 or going to www.FTC.gov.
For additional details about the Mt. Diablo burglary, read the On Assignment blog at http://www.ibabuzz.com/onassignment.