Housing wait list posted online contained personal data

Share this article:

A spreadsheet posted online contained sensitive information on nearly 1,000 clients of Pierce County Housing Authority in Washington.

How many victims? 979.

What type of personal information? Names and Social Security numbers were among the information that was posted.

What happened? A spreadsheet containing sensitive information on nearly 1,000 people on the Section 8 housing wait list was posted publicly on the Pierce County Housing Authority website. An investigation is ongoing, but it appears that a former employee may have had a hand in accidentally posting the file.

What was the response? Upon discovery, the housing authority's Florida web team was contacted and the website was shut down for two hours to remove the file. Pierce County Housing Authority is sending letters to all potentially affected clients. The agency is offering classes for clients on what protective actions to take, but regrets it is unable to provide free credit reports due to the high costs involved.

Details: An applicant on the wait list discovered the list on the Pierce County Housing Authority website sometime between Sept. 2 and Sept. 6 and alerted the agency, which immediately worked to take the file down. An investigation is ongoing to determine how long the file was posted and who accessed it, as well as how the file ended up online. A former employee, whose departure has nothing to do with the breach, may be responsible for the file not being encrypted or password protected.

Quote: “It's very disturbing as you can imagine,” said Karen Hull, the Pierce County Housing Authority executive director. “Originally we were waiting for the data people to come back with an answer and unfortunately that didn't happen.”

Source: komonews.com, KOMO News, “Breach leaves nearly 1,000 at housing authority at risk for fraud,” Sept. 10, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.