Frequently Asked Questions:
What happened?
On Friday, November 13, 2015, the Georgia Secretary of State’s office became aware of an error that led to twelve compact discs containing Georgia voters’ personal identifying information being mailed to Georgia political parties and news media—groups which the office is legally required to send voter data. Since the incident was identified, the office took immediate action to remedy the error and ensure Georgia voter’s personal information is secure. Each recipient of the data has confirmed that the personal identifying information was not compromised. The office is confident that Georgia voters’ personal information is secure. The Georgia Voter Registration System was not compromised and remains secure, and additional safeguards have been put in place to ensure that such an error does not happen again. For your peace-of-mind, the Georgia Secretary of State’s office has partnered with CSID to provide complimentary credit and non-credit identity protection coverage to all Georgia voters.
CSID Protector Coverage Includes:
- TransUnion Credit Monitoring
- Internet Surveillance
- Change of Address Monitoring
- Social Security Number Trace
- Identity Restoration
Impacted Individuals
All registered voters in Georgia as of October 13, 2014 may be impacted. To check if you are registered voter, visit the Georgia My Voter Page at www.mvp.sos.ga.gov.
What happened in this incident?
The Georgia Secretary of State’s office is required by law to send voter data to groups that request it, but this data is not supposed to include personal identifying information such as Social Security numbers, driver’s license numbers, and dates of birth. In October 2015, an IT error led to the inadvertent inclusion of voters’ personal identifying information (including date of birth, driver’s license number, and Social Security number) on twelve discs that were sent to Georgia political parties and news media—groups that regularly request and are legally entitled to voter lists. Upon learning of the incident, the Secretary of State’s office immediately reached out to each recipient in order to secure the data. Each recipient confirmed that the data was not compromised. The Secretary of State’s office retrieved ten discs and two discs were confirmed to be disposed. If you were a Georgia registered voter as of October 13, 2015, your date of birth, Social Security number, and driver’s license number may have been included on the discs. The IT employee responsible for the error was terminated.
Was the Georgia Voter Registration System hacked?
No. The system was not hacked and it remains secure. Unlike in cases where data is stolen by malicious hackers, this incident involved twelve discs being sent to known, non-malicious entities. Due to an IT error, the discs contained information that they should not have contained. None of the recipients, which included the Atlanta Journal-Constitution, Macon Telegraph, Rome News, and Savannah Morning News are cyber-criminals who are seeking to steal your personal data. The Georgia Voter Registration System remains secure and processes have been put in place to ensure that any future instances of human error do not result in an inadvertent release of confidential information.
Will my personal information be used to steal my identity?
In this case, not likely. The personal identifying information was inadvertently made available to twelve known recipients, including Georgia political parties and news media. Each recipient has confirmed that the data was not compromised. The data has been secured. Nevertheless, consumers can take measures to ensure their information is not used maliciously. There are several ways this can be done: by placing a fraud alert on their credit file; by placing a security freeze on their credit report; and by using credit and non-credit monitoring services.