KFOX14 discovers sensitive El Paso County cybersecurity audit; officials later remove it
KFOX14 discovers sensitive El Paso County cybersecurity audit; officials later remove it
Publish Date: 2026-06-08 23:25:00
Source Domain: kfoxtv.com
Using an unordered list, summarize the following article with between 4 and 8 key points. EL PASO, TEXAS (KFOX14/CBS4) — A confidential El Paso County cybersecurity audit containing sensitive information about the county’s technology security framework was mistakenly posted online for public access and later removed after KFOX14/CBS4 questioned county officials.KFOX14/CBS4 found the internal malware audit on May 21st while reviewing county records and began asking county officials how the document ended up publicly available and what was being done to prevent a repeat. After days of inquiries regarding the content of the audit, the county responded on June 2nd. County officials were unable to locate the document until KFOX14/CBS4 provided a direct link showing where it was posted. On June 2nd, the audit was removed from public access.RECOMMENDED: El Paso council to discuss options to end Meta data center incentive agreement TuesdayIn a statement, the county said the document was confidential and “unintentionally posted” before it was taken down.Thank you for sharing the link where you found the Destructive Malware Audit. The report you located on our website is confidential information that was unintentionally posted and has since been taken down. Due to the report containing information highly confidential by law, pursuant to the Texas Public Information Act, we ask that you refrain from redistributing this information and that you destroy any copies that you have of the Malware Audit. This information is all confidential pursuant to Texas Government Code Section 552.139. If further distributed, this information could expose the County’s technological vulnerabilities and allow bad actors to exploit this information and cause harm to the County.The County is addressing the issues included in the Malware Audit. Again, thank you again for bringing this to our attention.The El Paso County Auditor’s Office declined a request for an interview with KFOX14/CBS4.KFOX14/CBS4 then took our questions to the county attorney’s office. County Attorney Christina Sanchez said the posting was the result of “human error.”“It was human error. And that is one of the things that as humans, you can’t help sometimes,” Sanchez said.Sanchez reiterated the county removed the document once it was identified.“As soon as it was discovered, it was removed as it should be,” she said.RECOMMENDED: Human rights advocacy group cites 128 alleged violations by law enforcement in El Paso KFOX14/CBS4 asked the auditor’s office how long the audit was online, how many people viewed it, and how many times it was downloaded before it was removed. The county’s response did not address those questions.The County Auditor’s Office acknowledges the inadvertent posting, which was taken down immediately. We have implemented additional measures and controls to ensure that this does not happen again, the response said.When asked whether there should be accountability for the person who uploaded the document, Sanchez said no.“No, because it was an error. I mean, every single one of us has made an error, whether on what we do. And so it is really just reminding the employees, reminding the individuals that handle this information to do a double check and to reaffirm that,” Sanchez said.The county said the issue has been resolved and that a discussion was held with the employee who uploaded the document. Questions about how long the audit was publicly available and who may have accessed the cybersecurity information remain unanswered. Sign up to receive the top interesting stories from in and around our community once daily in your inbox.
