Skip to main content
You are the owner of this article.
You have permission to edit this article.
Data breach exposed information of 1 in 4 Wyomingites, health department reports
breaking top story

Data breach exposed information of 1 in 4 Wyomingites, health department reports

  • Updated
  • 0
COVID Testing

Coronavirus sample tubes are stored in a refrigerator at the Wyoming Public Health Laboratory on Sept. 4 in Cheyenne.

A data breach at the Wyoming Department of Health publicly exposed COVID-19, influenza and blood alcohol test data from more than a quarter of Wyomingites and some out of state residents, the department announced Tuesday.

The breach occurred when an employee erroneously uploaded files containing that data to the public code-hosting platform GitHub.

Data for more than 164,000 individuals was uploaded to the site, according to the health department. More than 145,000 people affected are believed to be Wyoming residents who received a COVID-19 or influenza test between January 2020 and March 2021. Blood alcohol test data involved just over 18,000 people, most of whom are Wyoming residents, according to the health department.

The state has about 577,000 residents, according to census data released Monday.

The health department had used GitHub to store and maintain computer code, but “a significant and very unfortunate error was made when the test result data was also uploaded to,” department director Michael Ceballos said in a statement.

The breach exposed the name or patient ID, address, date of birth, test result and date of service of certain residents who had received a COVID-19, influenza or blood alcohol test. It did not expose social security, banking or health insurance information, according to the health department.

Support Local Journalism

Your membership makes our reporting possible.

The range of people who might be affected is broad. Anyone who received a COVID-19 or influenza test between January 2020 and March 9, 2021 may have had their information included in the breach.

Anyone who received a breath alcohol test performed by law enforcement in Wyoming between April 19, 2012 and January 27, 2021 may also be affected.

The health department began sending notices to residents Monday, but explained contact information is incomplete for every affected resident. The department has opened a hotline for residents to confirm whether their data may have been involved.

The department is asking residents who fall into one of the above categories but who do not receive a notice within the next two weeks to call 1-833-847-5916 Monday through Friday, 9 a.m. to 7 p.m. through Aug. 6 to determine if their information was affected.

Anyone who has been affected will receive a free year of identity theft protection, said Wyoming Office of Privacy, Security and Contracts Administrator Jeri Hendricks.

“Because we are committed to the privacy and security of individuals’ protected health information, we have taken steps to help prevent further harm from this situation or similar circumstances from happening again,” Hendricks said. “Files have been removed from the GitHub repositories and GitHub has destroyed any dangling data from their servers. Business practices have been revised to include prohibiting the use of GitHub or other public repositories and employees have been retrained.”

Hendricks added her office had completed an investigation into the incident.

Follow health and education reporter Morgan Hughes on Twitter @m0rgan_hughes


Be the first to know

* I understand and agree that registration on or use of this site constitutes agreement to its user agreement and privacy policy.

Health and education reporter

Morgan Hughes covers health and education in Wyoming. After growing up in rural Wisconsin, she graduated from Marquette University in 2018. She moved to Wyoming shortly after and covered education in Cheyenne before joining the Star-Tribune in May 2019.

Related to this story

Get up-to-the-minute news sent straight to your device.


News Alerts

Breaking News