An update to a previously noted breach. Scott Merzbach reports:
A public records request by the Daily Hampshire Gazette seeking more information about the disclosure of residents’ personal information through the Amherst municipal website yielded a heavily redacted letter that collector and treasurer Claire McGinnis sent to state Attorney General Maura Healey, notifying her office about the matter.
Read more on Daily Hampshire Gazette.
It’s amazing how little information is disclosed about breaches under public records laws in Massachusetts. They’re apparently barred from disclosing the number of residents impacted and certain other details.
In this case, from what I’ve read elsewhere, residents’ information (and I haven’t found the data types) was exposed on the web site, and it was reported to the Town of Amherst on June 30th by a resident who discovered s/he was able to see another resident’s information. For how long the situation existed or how it happened has not been made public.