Content article
A privacy breach that may have exposed Brantford municipal staff job application records, vaccination status and personal addresses was announced by the city on Wednesday evening.
Content article
A news release sent out by the city said the breach was in an internal intranet system, which is only accessible to city staff, and not on its external website.
“The public at large does not have access to the city’s intranet site at any time,” said the news release.
“Unfortunately, the breach occurred due to incorrect access permissions and configuration settings.”
The Information and Privacy Commissioner has been notified of the breach but hasn’t yet replied.
The personal information that may have been viewed included names and addresses related to an employee fundraising initiative and COVID-19 screening forms that staff complete before entering the workplace.
“The City of Brantford understands the importance of protecting the information that we retain and takes the responsibility of maintaining residents’ and staff private information very seriously,” said the release.
Once the breach was discovered, the city’s information technology staff took steps to secure the intranet site, including a review of access permissions. New processes and controls were set up to ensure personal information collected in the future is further protected.
The city sent letters to all whose information may have been breached, describing the incident, identifying the groups involved, outlining the steps that had been taken and suggesting steps that those involved could consider taking.
@EXPSGamble