Pennsylvania Attorney General Josh Shapiro
Matt Rourke / AP Photo
Pennsylvania Attorney General Josh Shapiro
Matt Rourke / AP Photo
(Harrisburg) — The Pennsylvania attorney general said Wednesday his agency has begun looking into a breach of COVID-19 contact tracing data that may have compromised private information of some 72,000 people.
“Any allegations of sensitive personal information being mismanaged or leaked is a serious matter,” Attorney General Josh Shapiro, a Democrat, said in a written statement. “My office has opened investigations into this data breach on multiple fronts, and as such we will have no further comment at this time.”
The state Health Department disclosed two weeks ago that employees of a contact tracing vendor ignored security rules and created unauthorized documents outside the state’s secure computer systems.
The company, Atlanta-based Insight Global, acknowledged it mishandled sensitive information and apologized. It said workers had set up unauthorized Google accounts for sharing information, including the names of people who might have been exposed to COVID-19, whether they had any symptoms, how many people lived with them and, in some cases, their email addresses and phone numbers.
The state has paid Insight Global about $28.7 million since March 2020.
The Health Department has said some of the records in question associated names with ages, COVID-19 diagnoses and other private information but did not include financial account information, addresses or Social Security numbers.
Get insights into WITF’s newsroom and an invitation to join in the pursuit of trustworthy journalism.
The days of journalism’s one-way street of simply producing stories for the public have long been over. Now, it’s time to find better ways to interact with you and ensure we meet your high standards of what a credible media organization should be.