KRGV Channel 5 aired a special investigation by reporter Christian Von Preysing regarding the mishandling of sensitive information of over 30,000 Cameron County residents last night.
According to the report, the data breach stems from an old Cameron County server KRGV received from an anonymous source who purchased the server at the 77 Flea Market in Brownsville. Inside, IT experts were able to access files from an old Cameron County law enforcement database that contained the names, addresses, social security numbers, driver’s licences, and VIN numbers of thousands of Cameron County residents, files of personal information from the Cameron County Tax and County Elections Offices, as well as a PDF created in 2007 with 900 pages of an estimated 30,000 names, addresses and social security numbers.
When pressed for answers, Cameron County Judge Eddie Treviño, Jr. stated, “We want to confirm that it was part of a particular auction. Not sure if it got auctioned off in the last year, two, three or four. I haven’t been able to determine that, but it was definitely after the policy was in place. So, it’s a concern because it’s either the policy didn’t get followed properly – the information wasn’t removed, scrubbed, destroyed – or two, somebody was doing something that they’re not supposed to do and did this on their own.”
Cameron County Elections Administrator Remi Garza confirmed that the PDF containing 900 pages of sensitive information was a “cross-reference” of registered Cameron County voters.
When KRGV went back to the 77 Flea Market, they spoke to the vendor who sold the server to which he claimed to have purchased multiple servers in a county auction sometime last year. KRGV also subsequently purchased 22 computers marked with Cameron County labels from the same vendor and are currently examining each for any private information that may have been left behind.
If you were a registered voter on or before 2007 residing in Cameron County, you should probably take some necessary steps to protect your identity as it may already be compromised. File a fraud alert with TransUnion, Equifax, and Experian and communicate the potential breach to the IRS. You should also probably subscribe to an identity theft protection agency like LifeLock. If your identity HAS indeed been compromised, you should probably also look into getting a lawyer.
We’ll update this story once more details emerge.
Full Report from KRGV: