Denton County officials announced at last week's Commissioners Court meeting that a recent vulnerability in a third-party application used in vaccination clinics exposed residents’ names, birth dates, email addresses, phone numbers and COVID-19 vaccination information.
County Communications Director Dawn Cobb said Tuesday that app was used for scheduling in vaccine clinics. The vulnerability was discovered on July 7, and the app subsequently shut down for investigation, with officials working with the app’s developers to add security measures before reinstating it.
“We had a total of 326,415 individuals potentially impacted,” Cobb said. “At this particular point in time, we have not had any indication [the information] was accessed.”
County Chief Information Officer Kevin Carr said all potentially involved recipients will be notified with a formal letter, accompanied by the opening of a call center for questions. An investigation has not revealed any misuse of the information, he said, though it was confirmed to be accessible.
The full notice of the vulnerability is available here. Information on Social Security, driver’s licenses, financial accounts and insurance was not collected by the county and thus was not part of the exposure.
An investigation is continuing, Cobb said.