A long-awaited state report detailing how Georgia gave out more than 6 million voters’ Social Security numbers and other private data put the blame squarely on a employee fired for the breach last month. That employee, longtime state programmer Gary Cooley, flouted office protocol and policy within Georgia Secretary of State Brian Kemp’s office, according to the internal report about the data breach released Monday by the office and the state Department of Human Resources. The breach, it said, “was due to Mr. Cooley working outside of and circumventing established policies and procedures,” the report concluded. It called for more training, clearer policies and more active management of sensitive data.
After the report’s late afternoon release, Cooley — who until last month had worked either as a contractor or full-time employee for the state since 1995 — said he wanted more time to go through it and planned to issue a response Tuesday.
The report’s public release was the first full accounting by Kemp’s office of the gaffe. It provided more details about what happened, although it also confirmed much of a narrative provided by Cooley two weeks ago to The Atlanta Journal-Constitution.