A lawsuit filed on Tuesday in Fulton County Superior Court, Georgia, alleges that the office of Secretary of State Brian Kemp released personal identifying information (PII) of Georgia voters to 12 organizations, including statewide political parties and news media.
How many victims? Six million.
What type of personal information? Dates of birth, Social Security numbers and drivers’ license numbers.
What happened? “Our office shares voter registration data every month with news media and political parties that have requested it as required by Georgia law,” Kemp said in a statement. “Due to a clerical error where information was put in the wrong file, 12 recipients received a disc that contained personal identifying information that should not have been included.”
What was the response? Kemp said his office has taken “immediate corrective action, including contacting each recipient to retrieve the disc…” However, the lawsuit alleges that no consumer reporting agencies and “not a single Georgia citizen” have been informed of the breach.
Details: Kemp said information was put in the wrong file and then sent to 12 recipients who received a disc that contained the PII. It has not yet been determined how the PII was included in the file, and it is not known whether it was an internal error or the fault of an outsider contractor.
Quote: “This violated the policies that I put in place to protect voters personal information.” – Brian Kemp, secretary of state, Georgia .
Source: Atlanta Journal-Constitution, “Georgia: ‘Clerical error’ in data breach involving 6 million voters”