October 14 – The employee, according to a letter Secretary of State Brian Kemp sent to state legislators, “corrected his mistake” by removing the personal information but “never notified anyone of the change, or of the period when personal information was on the file”. He says staff confirmed that the 12 recipients hadn’t copied or disseminated the voter information.
Advertisement
Photo by Associated Press /Times Free Press.
Kemp’s focus on the physical discs also flies in the face of everything we know to be true about data.
The state Attorney General’s Office did not immediately respond to inquiries about whether it would investigate the Secretary of State Office’s handing of the data, or if the Law Department’s Office of Consumer Protection would advise voters about what they should do in the wake of the alleged security lapse. The state spent almost $50 million on credit monitoring services. “It is my top priority to protect the personal information of all Georgians”.
“When you get a Social Security number and a date of birth, you’ve got everything you need to do tremendous damage to these consumers”, said Stephen Coggeshall, the chief analytics and science officer for data security firms LifeLock and ID Analytics. “They will go out, run up a big bill and when it’s not paid, a collection agency comes looking and finds you, not the crook”.
Also, request copies of your credit report to review for suspicious activity. It warned against fake emails or calls offering monitoring by the Secretary of State’s office.
Last Friday, Georgia voters’ personal information was inadvertently included on a statewide voter file that was sent to news media and political parties, due to a clerical error in the IT Division.
“The good news is while there could be a few people who are using voter files for identify theft and other things, this was only one month’s worth of the data … and I think most likely the common users of this data aren’t so much motivated by that”, McDonald said. The files are only supposed contain voter name, residential address, mailing address if different, race, gender, registration date and last voting date, however.
Wagar said he found a disc from November at his home but could not find October’s. “It is unclear how all of this information has been collected and why the complete social security number of each voter is maintained, if it is not required at the time of registration”.
“I was happy to turn it over”, she said.
Kemp said in a statement that the personal information was put in the wrong file because of a “clerical error”. Kemp earlier said an unnamed IT employee was responsible and has been fired.
Advertisement
That’s when several organizations, including The Atlanta Journal-Constitution, were contacted by investigators from Kemp’s office and asked to return the data discs containing the information. “So you put the proper oversight in place and decrease the likelihood these type of accidents don’t occur in the future”.
