MN: Wright County finally notifying residents of data breach due to employee transferring data to his home computer

Courtney Godfrey reports:

Taking work home with you sounds like something a hardworking employee would do, unless that work includes private, sensitive data like it did with one employee in Wright County.

The county knew about the data breach for seven months before notifying possible victims.

It wasn’t until FOX 9 filed a public records request that Wright County notified victims of the data breach.

Now it is seven months after the county became aware that more than 1,000 people were potential victims of the breach.

Read more on Fox9.  It seems that the breach was the employee taking PII home on a USB and then transferring the files/data to his home computer. There’s no report of any misuse or sale or other exposure of the data. 

Update:  KSTP reports that about 72,000 are being notified. And they got the former employee to talk to them (wow!). That individual says that he was an hourly worker and had been told he had to go home, so he took the work with him. He insists he didn’t do anything nefarious with it, but of course, isn’t it possible that his home computer had some malware or compromise at some point? 

About the author: Dissent

4 comments to “MN: Wright County finally notifying residents of data breach due to employee transferring data to his home computer”

You can leave a reply or Trackback this post.
  1. Andrew - December 17, 2018

    I was somebody affected by this. Is it possible that there will be a lawsuit?

    • Geri otto - December 17, 2018

      Contact [deleted by site admin] attorneys at law I was also affected I called these guys because they specialize in stuff like this and they are contacting me tomorrow because they have heard about it and they’re not sure if they’re taking the caseload on I’m not but you probably should call them they’re in Minneapolis

      Note from I do not allow attorney advertising on this site — even if the info comes from a client or member of the public. — Dissent

    • Derrick - December 19, 2018

      Yes Andrew.
      This type of breach imposes civil damages of no less than $2500 to each individual affected by the breach.
      Since they are using the “ongoing investigation” as the excuse for the delay, and since they are considering the act a theft; there is justification for people to file a suit.
      Some will try to hire attorneys who have represented large companies in the past, and who, in this case, may work on the government’s behalf.
      Dropping the ball and (while you search for it) kick it over to the defendants.
      Good luck.

  2. ritas smith - December 20, 2018

    I’m another person affected by this does anyone know who he was yet

Comments are closed.