Breach, Data Security

County Commissioners Association of Pennsylvania data breach exposes PII


Poor security measures left personal information from the County Commissioners Association of Pennsylvania publicly viewable online.

How many victims? At least 1,800.

What type of information? Names, addresses, dates of birth, social security numbers, and public health information.

What happened? In May 2017, a county children and youth worker spotted the data of more than 1,800 children may have been publicly viewable online. The incident temporarily exposed information in Children and Youth Services databases maintained by a third-party vendor, Avanco International. Officials sent notices those who were affected on June 30.

What was the response? The agency obtained the services of legal counsel with cyber law expertise to remove the information from the Internet and conduct an investigation as well as put security measures in place to ensure the information is better protected moving forward.

Quote: "Counties understand their obligation to ensure sensitive information about the people they serve is kept secure, and take this incident very seriously," CCAP Director of Media and Public Relations Ken Kroski said. "They are confident the measures put in place will provide the necessary privacy and security their clients expect in order to ensure our children are given the care and protection they deserve."

Source: The Evening Sun

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.