Investigates

Pa. Dept. of Health pulls out of hearing on contact tracing data breach exposed by Target 11

PITTSBURGH — A Pennsylvania State Senate hearing on a massive contact tracing data breach that was first exposed by Target 11 was held Tuesday morning, but without the Pennsylvania Department of Health.

>>STORY: Unsecured Pennsylvania COVID-19 contact tracing data exposed by whistleblower to Target 11

Sources told Target 11′s Rick Earle that the Department of Health pulled out of the Senate Communications and Technology Committee hearing, and the contractor was also a no-show.

“Today’s hearing was intended to provide us with much needed answers and clarity to many questions I and many members have of the reported data breach,” said Sen. Kristin Phillips-Hill (R-York).


Insight Global, a staffing company based in Atlanta, Georgia, received a $23 million contract to hire 1,000 contact tracers in an effort to control the spread of COVID-19.

However, some former employees told Target 11 that the company failed to secure the information they collected from contacts.

>>STORY: Demanding answers: Pa. leaders may have known about data breach since February

The breach impacted about 70,000 people across Pennsylvania. Earle discovered that health and other personal information collected during contact tracing was compromised.

A class action lawsuit was filed against the Pennsylvania Department of Health and Insight Global.

The Department of Health told Earle that due to the lawsuit, it pulled out of Tuesday’s hearing because it cannot comment on pending legal action.

“As you can see the chairs are empty. We don’t have answers. Where is that government that works and that is transparent, that’s what I’m asking, that’s what we need,” said Sen. Pat Stefano (R-Connellsville)

Lawmakers were hoping the hearing would allow them to learn much more about the data breach, but without the Department of Health or representatives from Insight Global, things didn’t go as planned.

During brief remarks Tuesday, lawmakers referenced Target 11′s exclusive reporting.

“A WPXI reporter broke the story and has since caused a myriad of reactions by the administration as to when the department was first notified of this breach,” said Phillips-Hill.

Phillips-Hill talked about the emails obtained by Target 11 that show the Department of Health was aware of potential data security issues back in February, but didn’t take any action until April, when Target 11 showed them the unsecured links detailing the personal information.

Lawmakers urged the Pennsylvania Attorney General to open an investigation. In addition, the Senate committee said it would take every measure to get to the bottom of the data breach, including the possibility of issuing subpoenas to force people to appear.

0