Last Updated: January 18, 2022
Contact tracing has been an invaluable asset in the fight against COVID-19. What contact tracing does is identify close contacts of positive individuals to track whether they develop symptoms after the exposure. In this way, the contacts can self-isolate/quarantine, monitor their health, and possibly get tested.
After a confirmed positive test, public health workers contact patients by phone to give instructions on what (not) to do during their recovery. The patients are also asked about their recent whereabouts as well as information on the people they’ve been in contact with. Everything shared with the public health workers is confidential, that is, unless a data breach exposes your information to prying eyes.
On April 21, contact tracing vendor Insight Global realized that the personal information of more than 72,000 Pennsylvanians had been exposed. Insight Global had been contracted by the Commonwealth of Pennsylvania for its contact tracing services.
Affected is a portion of individuals that had been contacted for contact tracing between September 2020 and April 21, 2021. Insight Global claims to have taken appropriate security measures (completed by April 23) after recognizing the leak.
Unauthorized Documents Expose Patients’ Data
The breach was executed by rogue employees of Insight Global who used unauthorized Google accounts to share patients’ sensitive information. Fortunately, the leaked information doesn’t include Social Security numbers, financial account information, or payment card information. Still, it does include names, positive/negative COVID-19 status, symptoms, number of household members, and even telephone numbers and e-mail addresses in some cases.
As the investigation is still ongoing, it isn’t clear who got access to the leaked classified information. Those whose information is suspected to be leaked will be informed via e-mail.
In a statement, Insight Global stated, “We deeply regret this happened and are committed to restoring the trust of any residents of Pennsylvania who may have been impacted. All necessary steps are being taken to secure any personal information, and we intend to learn and grow from this.”
How to Protect Yourself From Identity Theft
Data breaches such as this often leave the affected individuals in danger of becoming victims of identity theft. Recent statistics about identity theft are worrying—there’s a new victim of identity theft every 2 seconds, and 1,387,615 identity theft reports were filed only in 2020.
As data breaches are becoming more common, it’s vital that you do what you can to protect yourself from identity theft. Make sure all your passwords are strong and not compromised, don’t fall victim to phishing scams, protect your personal documents, never give out personal information on the phone to unverified sources, and use a VPN to hide your IP address (we recommend Surfshark and NordVPN – you can read our in-depth reviews here and here).
If you feel overwhelmed by all this or simply want to be extra careful, you can always pay for the services of an identity theft protection company to do the job for you.