The Secretary of State’s Office in Georgia is minus one employee today. The Elections Division sends out each month a CD-ROM with updated voter information in the state. The data on the disc contains every voter, where they live, and their propensity to vote Republican or Democrat along with the elections in which they have voted. The propensity is measured by which primaries they vote in.
Twelve organizations received the CD-ROM from the Secretary of State. Until a week or so ago, no one realized that the October data also contained the social security numbers, birthdates, and drivers license numbers of every one of the voters.
It is the largest breach of personal data by a government in the United States — over 6 million people are affected. The employee who sent out the data has been relieved of his position.
That’s the bad news.
The good news is that the data was only given to twelve organizations. At least one had tossed the data without ever using it. None of the organizations uploaded the information to systems on the internet or into larger databases. It seems the data is largely safe. All twelve are returning the CD’s to the Secretary of State’s Office. Those entities that got them were the state’s Democratic Party, Republican Party, Libertarian Party, and several media outlets.
The state could potentially be liable for damages, but it looks like everyone got very lucky. This time.
This will be a political issue. Democrats are already suing. Georgia’s Secretary of State, Brian Kemp, is seen as a strong contender for the Governor’s job in 2018. This will leave a mark on his resume and it is one that Democrats and competing Republicans alike will want to try to stick to him.
The next few weeks of handling the damage will see whether Kemp can weather the storm.