On Dec. 14, 2020, Pitkin County discovered potential unauthorized access to a file containing information on COVID-19 case investigations and contact tracing. Officials investigated the incident and found that the file was inadvertently accessible via the internet between Oct. 1 and Dec. 14.
Pitkin County immediately took steps to cut access to the case files from the internet and is in the process of reporting the data breach to state and federal regulators. Information exposed in the breach varied by individual but includes names, addresses, dates of birth, employer and/or school names and underlying health conditions. The affected file did not contain any Social Security or financial information.
Officials are offering any affected individuals free access to 12 months of credit monitoring and identity restoration services.
More articles on cybersecurity:
MD Anderson avoids $4.3M HIPAA penalty
Texas practice email hack exposes info of 20,787 patients
Hackers leak Moderna, Pfizer vaccine data stolen in EU cyberattack online
