Data breach in Georgia hits 6 million

At Bankrate we strive to help you make smarter financial decisions. While we adhere to strict , this post may contain references to products from our partners. Here’s an explanation for

Social Security numbers and other sensitive personal information of more than 6 million voters in Georgia is at risk after a “clerical error” at Georgia Secretary of State Brian Kemp’s office.

Kemp’s office mistakenly sent computer discs containing voter information to 12 organizations, including political parties and news media, according to the Atlanta Journal-Constitution.

Two Georgia women have filed a class action lawsuit.

How did this happen?

Kemp’s office, by Georgia law, shares voter registration data each month with news media and political parties.

“Due to a clerical error where information was put in the wrong file, 12 recipients received a disc that contained personal identifying information that should not have been included. This violated the policies that I put in place to protect voters’ personal information,” Kemp said in a statement.

Kemp said these 12 organizations received the discs containing voter information: the Georgia Democratic Party, the Georgia Republican Party, the Georgia Libertarian Party, the Independence Party of Georgia, the Southern Party of Georgia, Atlanta Journal-Constitution, Macon Telegraph, Savannah Morning News, Georgia GunOwner Magazine, Georgia Pundit, News Publishing Co. and RedState.

And while 3rd parties can legally purchase voter lists from the state, that info should legally contain only a voter’s name, residential or mailing address, race, gender, registration date and last voting date. The information sent out contained more than that.

Officials say the information was sent on Oct. 13, but they may not have realized the mistake until 35 days later when they were served the lawsuit.

What was compromised?

Aside from names, addresses and dates of birth, the data included (when provided) Social Security numbers, driver’s license numbers, phone numbers, gender and race, according to Kemp’s office.

Should I be worried?

This breach affects anyone registered to vote in Georgia – around 6.2 million people, according to the Journal-Constitution.

If you’re registered to vote, you could be at risk of identity theft, although Kemp’s office said all 12 discs were either retrieved or destroyed.

“As of 11 a.m. on Thursday, Nov. 19, 2015, all 12 discs have been accounted for,” according to a statement from Kemp’s office. “Nine discs were retrieved by the secretary of state’s office. The other 3 were confirmed to be disposed of by the recipients. Each of the 12 recipients, including the Georgia Republican Party and the Georgia Democratic Party, confirmed that they did not retain a copy of the information, either electronic or otherwise, and that the information was not disseminated to any outside groups.”

What should I do?

Kemp’s office has set up a hotline at (404) 654-6045 for residents who have questions. Kemp’s office says it is not calling residents regarding the breach and warns to look out for scammers posing as government officials seeking credit card or Social Security numbers.

If you’re worried you may be at risk, immediately pull your credit report and credit statements to start looking for suspicious activity. And continue to monitor your reports closely. Report any activity that you suspect to be fraudulent to your credit card issuer.

You can pull your free credit report from

Follow me on Twitter: @MitchStrohm.