The public information on the server includes documents regarding real estate, recorders’ document searches, sanitary engineering, utility billing and dog tags.
Graham said those people who use common user names and passwords may want to change those in other accounts. The county also will be contacting the estimated 250 users whose information may have been accessed.
“We know that people like to use one password for multiple purposes,” Graham said. “So that’s where our concern is — that if you had a user name and password on our system that was the same user name and password that you use for your bank account, we want to make sure you know.”
The Greene County Sheriff’s Office is investigating with help from Greene County Information Technology Director Steve Tomcisin.
“Through this we discovered that there was a vulnerability and we’re taking steps to address it,” he said. “The county’s in the process of taking steps to make sure that we have the list of users and we’re going to be proactive and notify them that this is what has taken place and you need to take the necessary precautionary measures.”
Graham said more sensitive information like credit card numbers are kept on internal servers and never were at risk.
“We’re looking at the design in the program they were able to get in through and addressing those issues,” Graham said. “We may be buying additional software so we can more closely monitor when people would try to hack in.”
Contact this reporter at (937) 225-6951 or mgokavi@DaytonDailyNews.com.
About the Author