10, 000 people's files leaked in COVID-19 data breach in Delaware

[Destry Winant <destry () riskbasedsecurity com>]

https://www.wgal.com/article/10000-peoples-files-leaked-in-covid-19-data-breach-in-delaware/34682398#

On Sunday, Delaware Public Health officials disclosed that an
unauthorized person mistakenly received personal information of
thousands of people who were tested for the coronavirus over the
summer.

Delaware's Division of Public Health says a temporary staff member
sent two unencrypted emails in August which included files for 10,000
people.

Officials say the mistake occurred when the temporary staffer sent an
internal email, meant to be distributed to employees of a call center
who help people obtain their test results, to a unauthorized user. The
person who received the emails on Aug. 13 and Aug. 20 alerted the
division about the error and reported deleting the messages.

The first email had the information of people tested between July 16
and Aug. 10. The second email included the data of people tested on
Aug. 15.

The leaked files included:

- COVID-19 test results
- names
- birth dates
- phone numbers

The files did not include financial information.

The person who sent the emails is no longer employed by the Delaware
Department of Health or the temporary staffing agency. Staff at the
Department of Health have been retrained on the appropriate policies
and procedures.

Officials have reported the breach to the U.S. Department of Health
and Human Services and the Delaware Department of Justice. Starting
Monday a call center will open to provide information about the data
breach. People with questions can call 1-833-791-1663.
_______________________________________________
BreachExchange mailing list sponsored by Risk Based Security
BreachExchange () lists riskbasedsecurity com

If you wish to Edit your membership or Unsubscribe you can do so at the following link:
https://lists.riskbasedsecurity.com/listinfo/breachexchange