Housing wait list posted online contained personal data

Share this article:

A spreadsheet posted online contained sensitive information on nearly 1,000 clients of Pierce County Housing Authority in Washington.

How many victims? 979.

What type of personal information? Names and Social Security numbers were among the information that was posted.

What happened? A spreadsheet containing sensitive information on nearly 1,000 people on the Section 8 housing wait list was posted publicly on the Pierce County Housing Authority website. An investigation is ongoing, but it appears that a former employee may have had a hand in accidentally posting the file.

What was the response? Upon discovery, the housing authority's Florida web team was contacted and the website was shut down for two hours to remove the file. Pierce County Housing Authority is sending letters to all potentially affected clients. The agency is offering classes for clients on what protective actions to take, but regrets it is unable to provide free credit reports due to the high costs involved.

Details: An applicant on the wait list discovered the list on the Pierce County Housing Authority website sometime between Sept. 2 and Sept. 6 and alerted the agency, which immediately worked to take the file down. An investigation is ongoing to determine how long the file was posted and who accessed it, as well as how the file ended up online. A former employee, whose departure has nothing to do with the breach, may be responsible for the file not being encrypted or password protected.

Quote: “It's very disturbing as you can imagine,” said Karen Hull, the Pierce County Housing Authority executive director. “Originally we were waiting for the data people to come back with an answer and unfortunately that didn't happen.”

Source: komonews.com, KOMO News, “Breach leaves nearly 1,000 at housing authority at risk for fraud,” Sept. 10, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

POLL

More in The Data Breach Blog

Backup hard drive stolen from law firm contained personal info

Social security numbers were among the information on a backup hard drive that was stolen from an employee of Imhoff and Associates, PC.

POS malware infections at two OTTO pizzeria locations in Maine

About 900 customers at two OTTO pizzeria locations in Portland, Maine, had payment card data compromised after POS malware was discovered on terminals.

Los Angeles-based health system breached; more than 500 patients affected

Personal information on more than 500 Cedars-Sinai Health System patients was compromised after a laptop was stolen from an employee's home.