Peace Corps Provides Notice of July Unauthorized Disclosure of Applicant Health Information
September 13, 2017
WASHINGTON, D.C., September 13, 2017 – Peace Corps today announced that a data breach occurred in one of Peace Corps’ applicant record systems. The incident occurred on June 30, 2017 and was discovered on July 11, 2017. The information disclosed includes the following: first and last name, medication, strength/dose, frequency, start date, stop date, and method of delivery (topical, oral). The information was erroneously made available to select individuals with system login credentials for a 12-day period.
Once notified of the breach, immediate action was taken to rectify the situation. Peace Corps removed the sensitive data, ensuring it was no longer available for unauthorized access. Peace Corps has contacted individuals who may have had access to the data to ask them to delete the materials and not discuss the information disclosed. After a thorough assessment of the breach, Peace Corps is not aware of any misuse of applicants’ information and is confident that the risk related to the exposure of this information is limited.
Peace Corps has notified individuals who may have been affected by this breach, as well as the Department of Health and Human Services and other agencies in accordance with applicable regulations and policies. Peace Corps takes the security of sensitive data very seriously and extends its sincere apologies to those that may have been affected by the unauthorized disclosure. If you believe you may have been affected or have questions regarding the disclosure, please contact 855-855-1961, ext. 1236 or [email protected].