Seth Austin reports:
The Kentucky Energy and Environment Cabinet (EEC) announced they discovered a data security breach on September 8, 2021. According to EEC, unredacted mining permit applications containing some mine owners’ and controllers’ personal information was available for public inspection at Department of Natural Resources’ field offices and on an EEC hosted website.
Internal EEC policy requires redaction of certain personal information including Social Security numbers before permit information is made publicly available. According to officials, some unredacted permit materials were available since sometime in 2015 at public reading rooms located at DNR field offices, and since January 16, 2021 on a public internet database maintained by EEC.
The EEC has a prominently linked notice on their site:
EEC Notice to Media of Data Security Breach 29 Nov 2021 FINAL