Georgia's data breach affects 6 million citizens
- By Amanda Ziadeh
- Nov 24, 2015
Personal voter information, including Social Security numbers, of more than 6 million voters in Georgia was illegally disclosed last month due to a "clerical error" at Georgia Secretary of State Brian Kemp's office.
According to the Secretary of State's office, private and personal identifying information of state voters was mistakenly included in a statewide voter data file that was sent on disc to twelve groups, including Georgia political parties and media outlets, on Oct. 13. State officials learned of the breach on Nov. 13, and by Nov. 19 had retrieved nine of the 12 discs, with the other three confirmed retrieved and the remaining three "confirmed to be disposed of by the recipients."
According to Kemp's office, "each of the twelve recipients, including the Georgia Republican Party and the Georgia Democratic Party, confirmed that they did not retain a copy of the information, either electronic or otherwise and that the information was not disseminated to any outside groups."
Though third parties can legally buy voter information consisting of the voter's name, mailing address, race, gender, registration date and last voting date, Bankrate reported that the discs also contained Social Security numbers, dates of birth, driver's license numbers and phone numbers -- risking the identity of any Georgian registered to vote as of Oct. 13, 2014.
The employee responsible for the error has been fired, and state officials expressed confidence that the data files are now secure, and were not distributed beyond the 12 recipients. Kemp's office has established a hotline for residents at risk seeking answers at 404-654-6045 and published tips online to prevent fraud.
Data breaches involving personally identifiable information are a growing problem for all levels of government. As recently as 2008, a study put the total number of individuals affected by state and local government disclosures at just 3.8 million for the first nine months of that year. A single 2012 breach in Utah affected 780,000 individuals, and a South Carolina incident that soon followed affected 4.7 million. Georgia's disclosure is larger still -- and at the federal level, of course, this year's breach of Office of Personnel Management databases compromised PII for more than 20 million individuals.
Amanda Ziadeh is a former reporter/producer for GCN.