Housing wait list posted online contained personal data

Share this article:

A spreadsheet posted online contained sensitive information on nearly 1,000 clients of Pierce County Housing Authority in Washington.

How many victims? 979.

What type of personal information? Names and Social Security numbers were among the information that was posted.

What happened? A spreadsheet containing sensitive information on nearly 1,000 people on the Section 8 housing wait list was posted publicly on the Pierce County Housing Authority website. An investigation is ongoing, but it appears that a former employee may have had a hand in accidentally posting the file.

What was the response? Upon discovery, the housing authority's Florida web team was contacted and the website was shut down for two hours to remove the file. Pierce County Housing Authority is sending letters to all potentially affected clients. The agency is offering classes for clients on what protective actions to take, but regrets it is unable to provide free credit reports due to the high costs involved.

Details: An applicant on the wait list discovered the list on the Pierce County Housing Authority website sometime between Sept. 2 and Sept. 6 and alerted the agency, which immediately worked to take the file down. An investigation is ongoing to determine how long the file was posted and who accessed it, as well as how the file ended up online. A former employee, whose departure has nothing to do with the breach, may be responsible for the file not being encrypted or password protected.

Quote: “It's very disturbing as you can imagine,” said Karen Hull, the Pierce County Housing Authority executive director. “Originally we were waiting for the data people to come back with an answer and unfortunately that didn't happen.”

Source: komonews.com, KOMO News, “Breach leaves nearly 1,000 at housing authority at risk for fraud,” Sept. 10, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in The Data Breach Blog

Florida medical center hit with breach for third time in two years

Aventura Hospital and Medical Center has reported a data breach for the third time in two years.

Tampa General Hospital breach impacts hundreds of patients

Tampa General Hospital is notifying 675 patients that their personal information may have been accessed, without authorization, by a former employee.

George Mason University travel system targeted for malware attack

The incident could have exposed the names and Social Security numbers of users, although no evidence has surfaced to suggest that's the case.