Norwalk: Sorry about the SSN on postcards

“Obviously, we’re very sorry and we wish it had never happened”
Tom Jackson
Jan 29, 2014


Norwalk’s mayor says city officials regret mailing out thousands of postcards that list the Social Security numbers of local taxpayers.

City officials have asked the recipients to destroy the cards, and they’ve already mailed out substitute cards that omit the sensitive numbers.

“Obviously, we’re very sorry and we wish it had never happened,” Mayor Rob Duncan said.

More than 8,000 of the postcards were sent to Norwalk taxpayers, providing them instructions on filling out their income tax returns.

The mailer actually consists of two cards joined together at two perforated ends, with the other two ends unsealed.

On the inside, next to the taxpayer’s name, is the taxpayer’s Social Security number.

In theory, a nosy person could stick a finger in one of the card’s unsealed ends, easily popping it open to read the taxpayer’s name and Social Security number.

But that’s not the only risk.

The mailer is perforated because residents were supposed to tear off one half, stick a stamp on it and place it in the mail.

The mail-back portion, however, is the part that features the resident’s Social Security number front-and-center.

It’s addressed to a P.O. Box in Cleveland, which belongs to a publishing house that sends out tax forms on behalf of the city, Duncan said.

Duncan said the Social Security number does not have any dashes or spaces, so it doesn’t necessarily appear to be a Social Security number. A notice on the city of Norwalk’s website refers to a “printing error” on the cards, and asks taxpayers to destroy them.

Replacement cards already have been sent out, Duncan said.

Norwalk resident Jim Westerhold, 81, a former county commissioner, said some of the cards apparently got stuck together in the mail. “My neighbor’s was in my mailbox, too” he said. “Other people, they got stuck together in the mailbox” Westerhold said he’s worried about how many people had access to the numbers. “What’s the printer doing with those Social Security numbers? Are they safe?” he asked.

Westerhold also wondered whose idea it was to send out the cards with Social Security numbers on them. “This thing had to be planned by somebody” he said. Duncan said he wants to find out what happened, too. “That’s what we’re researching right now” he said.

Said Westerhold: “According to everything I’ve heard over the years, you don’t send out your Social Security number” Indeed, the Social Security Administration has issued a pamphlet, “Identity Theft And Your Social Security Number,” warning people that thieves try to obtain Social Security numbers so they can obtain credit cards in other people’s names. “You should be careful about sharing your number, even when you are asked for it” the pamphlet states. “You should ask why your number is needed, how it will be used and what will happen if you refuse”



Good job.......if some crook didn't know, he does now.

Fibber Mcgee

Nice job city, who made this error? At least the number wasn't on the
outside of the mailing ( only if you mailed back).


So who's the bigger idiot, the councilman who forwarded the inappropriate e-mail or the whole council that exposed citizens SS numbers ?

And these people were elected to represent the citizens of Norwalk. Wisdom and public official are not synonymous.


I don't think council would have anything to do with this. It would be from the auditors office since it was tax related. You would have thought that someone would have proof read the card before it was sent out.


Proofread? Office workers proofread? Not since the 90s at least. Heck half the commenters on here can't spell or use proper grammar and you expect the overworked clerks in the auditor's office to not make an aggregious mistake? Actually the responsibility lies with whoever's in charge. Good luck with that.


Sounds like a class action lawsuit just waiting to happen...


How weird... no mention of this on the Norwalk Reflector's on line paper... but it's in Sandusky's.


That's what I thought too.

Fibber Mcgee

Just a guess, but maybe JW contacted the SR and not the NR.


It's WAY to late for "We're sorry," "We didn't intend for it to happen," or "We wish this hadn't happened!" Do you KNOW the prevalence of identity theft? Do you KNOW the typical cost of an identity theft? (Last time I looked at it, it cost an AVERAGE of $60,000 and five years of time to straighten out.)

As far as I'm concerned, this should be investigated to determine who is to blame. That person (or group) should obviously be fired. And whatever entity they worked for (County, City, whatever) should be liable to cover the costs of all of the necessary preventive or remedial measures needed to ensure the safety of people who provided tax data to the government WITH THE ASSURANCE IT WOULD STAY PROTECTED!

Shame, shame, shame! This is just one more instance of government not being as careful as it ought to be because it frankly doesn't CARE as much as it ought to care. Maybe if it costs them enough, they'll feel a little sorrier and work a little harder next time. Maybe.


I totally agree with you SamAdams, some needs to be held accountable for this!! A sorry letter does not fix the neglect this office has done. And as stated, who long is it going to take for anyone to realize, just how bad this could already be while we're sitting here complaining of this issue, fraud can already be taking place, or just sitting on the back burner, waiting for things to calm down first.. Im a Norwalk Citizen and I demand action be taken on this!


Think about this for the cards to be printed a list must exist. Where the cards printed in the custody of the city? Probably not so the list with every Norwalk tax payers name,address and SSN was sent to an unsecure location for printing. Stupid idiots. Fire the lazy insensitive bureaucrat responsible. By these acts of stupidity many are at risk.


All the credit card breaches and mistakes of this nature relating to identity theft are adding up and unfortunately the government will probably take measures to eliminate these types of things by doing away with money and credit cards. They will insist you will be safer by being marked with a barcode to purchase and sell. Now this is when you will want to pick up your bible and read Revelations again and realize what this mark means.


From the NR:

"Diane Eschen, finance director, said the city provided Shamrock, the firm which processed the postcards, information including the Social Security numbers."

The Duncan admin. is pointing it's fingers at Shamrock.

Not unlike the Obama admin. faulting contractor CGI Federal for the disastrous Obamacare rollout.

The city didn't look at a proof?

No accountability for govt. incompetency.

Stay positive Norwalk - you need it.


Again, why would this firm even have to have our social security number?


They wouldn't. The SSN's were clearly provided in error; the printer merely did the usual mail merge with the data it was given. The issue doesn't lie with the printer any more than it does with the Post Office.


Don't worry about it.

It'll all soon be forgotten and then, 'ol Mayor "jobs, jobs, jobs" Duncan can get back to crowing about all the part-time retail jobs that have been created during his admin.

Re-elect Duncan in 2015. Whatever...

JudgeMeNot's picture

LOL. part-time jobs, part-time jobs, part-time jobs or service sector jobs, service sector jobs, service sector jobs. Hope and change. Cha-ching.