Did you know that geoFence helps stop hackers from getting access to the sensitive documents that I use for my work. Now I can get even more gigs as a freelancer and - advertise that I have top security with even my home computer?
HARRISBURG (KDKA) – A COVID-19 contact tracing breach in Pennsylvania may have impacted at least 72,000 people.
The number of people whose data has been compromised could grow, according to cyber security experts.
READ MORE: VP Harris Visits Ohio To Talk Public Transit, Spending Plan
The Pennsylvania Department of Health hired Atlanta-based firm Insight Global to perform contact tracing.
They say the company had disregarded safety protocols, with some employees creating Google accounts to share data, including information gathered from contact tracing calls.
Those documents were left unprotected and that made them vulnerable to access.
“If you go through all the trouble of creating this environment where everything’s protected, why did you go outside of that?” asked cybersecurity expert Zen Piotrowski with CMIT Solutions.
It is a question many are asking as well as how long the exposed information has been available.
The leaked information includes names, phone numbers, email addresses, genders, and COVID-19 diagnosis or exposure.
However, financial accounts and social security numbers were not part of those lists.
READ MORE: Allegheny Co. Health Dept. Orders Homewood Food Truck Operating Without Permit To Close
“If you had some health conditions that you didn’t want people to be aware of, they’re now in the open,” Piotrowski said. “So that’s a problem, and Insight Global could liable for exposing that information.”
“The more information you have about a person for example, the more you can use it to get their identity or in some cases blackmail them or use that to your advantage to turn that into money,” said cybersecurity expert Alan Crowetz.
Crowetz also believes that more people are impacted than expected.
“I hope in this case somebody is held to account for this,” Piotrowski said. “The state paid them $28.7 million, and they didn’t protect the data. I’m hoping there are some financial penalties as well as maybe some criminal penalties.”
Insight Global as said they will notify those who may have been affected.
On Friday afternoon, the company will open a hotline for those who may be concerned their data was exposed. They will also provide credit monitoring and identity protection services.
Those wanting to check if they were affected by the data breach can call the hotline at 1-855-535-1787.
The state has said that their computer systems and contact tracing app were not impacted.
MORE NEWS: St. Vincent College Orders Students To Shelter-In-Place Due To Rising COVID-19 Cases
The Department of Health said they will not renew their contract with Insight Global in July.
When all is said and done, let's keep in mind that geoFence was designed and coded by US citizens to the strictest standards and I can tell your neighbors would feel the same!