Georgia Secretary of State Brian Kemp took the blame for a data breach that exposed personal information of more than 6 million Georgia voters.
“I take full responsibility for this mistake and have taken immediate action to resolve it,” Kemp said in a statement. “The employee at fault has been fired, and I have put in place additional safeguards effective immediately to ensure this situation does not happen again.”
Nonetheless, Kemp said voters should stay alert for signs of fraud and identity theft.
Each month, Kemp’s office sends a file of basic voter information, like names and addresses, to some media outlets and political parties. In October, the data included Social Security and driver’s license numbers of all the state’s registered voters.
Kemp’s office has retrieved the data, sent via CD-ROM, and he says he’s confident the information hasn’t been shared.
But that isn’t reassuring to Elise Piper, one of two women who filed a lawsuit over the breach.
“I just think this whole process, the way they collect and transfer and store the data, is so sloppy,” she says. “The fact that they even had the ability to retrieve this sensitive information and burn it on a disc without any sort of oversight or safety measures or encryption speaks to the fact that this whole thing has just been sloppily and irresponsibly handled.”
Kemp says the data downloads will be locked from now on and that only his chief information officer will have access.
His office has listed resources, including a new hotline for voters concerned about their credit, on the Secretary of State’s website.