IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Knopp Resigns as Wyoming CIO After Major Health Data Leak

As Wyoming continues to assess the damages involved in a high-profile health data leak, CIO Gordon Knopp has quit his position. State Information Services Administrator Timothy Sheehan is Knopp's current replacement.

Wyoming Capitol Cheyenne
Shutterstock
Gordon Knopp is no longer CIO of Wyoming, according to an announcement yesterday from Gov. Mark Gordon.

Knopp, along with Health Director Michael Ceballos, resigned from their positions following a high-profile leak of sensitive health-care data. The leak impacted more than one-quarter of Wyoming's population.

According to the Associated Press, Knopp couldn't be reached for comment on the reason for his resignation, and the governor's spokesperson declined to comment on the personnel changes.

Knopp had been Wyoming's CIO since February 2019. Before taking the role, he was director of technology and CIO for Laramie County School District No. 1, the state's biggest K-12 school district.

State Information Services Administrator Timothy Sheehan was selected as Knopp's temporary replacement. Sheehan has served in the Wyoming Department of Enterprise Technology Services for over a decade, according to his LinkedIn page.

In April 2021, Wyoming officials broke news that records on many residents’ COVID-19, breath alcohol and flu test results had been exposed.

A Wyoming Health Department (WHD) employee appeared to have improperly handled the data by uploading it to public and private repositories of servers owned by online software development and code hosting platform GitHub. By January 2021, visitors to GitHub’s public platform were able to view the data without authorization.

Ceballos said in an April 2021 statement that employees were only supposed to use GitHub for “code storage and maintenance,” not for storing health information.

The WHD said in April that the data exposed results for about 164,000 Wyoming residents — or about 28 percent of the state’s population of approximately 579,000 — as well as hundreds of Colorado residents.

Personal details such as addresses, birth dates and names were included with the improperly published test results. The leaks didn't expose Social Security numbers or health insurance and financial data.

The data breach appears to have led to new scam attempts, with fraudsters masquerading as health department officials in phone calls to victims. Bad actors would use these false pretenses as cover for soliciting sensitive financial and insurance details from their targets, according to Jeri Hendricks, administrator for WHD's Office of Privacy, Security and Contracts.