Denton County recently notified residents who registered for the county’s COVID-19 vaccination clinics that their personal health information may have been exposed.
On July 7, the county learned that a third-party provider application utilized for Denton County Public Health COVID-19 vaccination clinics had a “vulnerability … that potentially exposed individuals’ data hosted on the system to anonymous users,” according to a county notice. The county immediately shut down the third-party application and launched an investigation to assess the nature and scope of the vulnerability.
The investigation confirmed that there was a configuration error on the third-party application that potentially exposed individuals’ name, date of birth, email, phone number and COVID-19 vaccination data. The county never collected social security numbers, driver’s license numbers or financial account information.
The county says it is not aware of any actual or attempted misuse of information as a result of the incident, but it is still encouraging potential victims to review their account statements and credit reports for suspicious activity.
The county has worked internally and with the third-party provider to implement additional security measures.
Click here for more information.