MN: Wright County finally notifying residents of data breach due to employee transferring data to his home computer
Courtney Godfrey reports:
Taking work home with you sounds like something a hardworking employee would do, unless that work includes private, sensitive data like it did with one employee in Wright County.
The county knew about the data breach for seven months before notifying possible victims.
It wasn’t until FOX 9 filed a public records request that Wright County notified victims of the data breach.
Now it is seven months after the county became aware that more than 1,000 people were potential victims of the breach.
Read more on Fox9. It seems that the breach was the employee taking PII home on a USB and then transferring the files/data to his home computer. There’s no report of any misuse or sale or other exposure of the data.
Update: KSTP reports that about 72,000 are being notified. And they got the former employee to talk to them (wow!). That individual says that he was an hourly worker and had been told he had to go home, so he took the work with him. He insists he didn’t do anything nefarious with it, but of course, isn’t it possible that his home computer had some malware or compromise at some point?