Efforts to restore thousands of lost evidence logs and other data from the Pennsylvania State Police crime labs continues, according to a spokesman for the agency.
The data re-entry is being done both manually and through automation by lab personnel to ensure its accuracy and compliance with accreditation standards, said state police spokesman Myles Snyder. He further reiterated that the physical evidence held by the crime labs remains secure and was never compromised.
Officials from Gov. Josh Shapiro’s administration on Monday confirmed data stored on the state’s computer system servers had been deleted affecting at least the state police and the State Employees’ Retirement System.
The administration said human error was to blame and confirmed one employee in the governor’s Office of Information Technology was fired. Multiple sources said there were at least two firings with other personnel changes resulting from the Jan. 3 incident that involved the state’s 77 servers.
Dan Egan, a spokesman for the governor’s Office of Administration that oversees the information technology office, said they cannot comment on personnel matters. That is a break from past administrations’ practice of releasing a state worker’s termination date upon request.
Egan further disputed reports that remote work by an IT employees, many of whom telework full-time or part-time, contributed to the error.
The Office of Administration “took immediate action internally to address this incident and is conducting a thorough review and update of information technology policies, procedures, processes, and controls to prevent this kind of human error from happening again,” Egan said.
He said state police as well as the Office of Administration continue to review this incident.
When police collect evidence for criminal cases, a ”chain of custody” log is created to document every person who handles each piece of evidence. The rules are designed to ensure the evidence is handled correctly and not tampered with as it’s being tested and transported for court hearings.
Evidence is normally kept in envelopes that are sealed, and the chain of custody log is attached to the envelope, along with case numbers, the police officer assigned to the case and the police department.
The digital files that duplicated this information is what was deleted, according to a county district attorney in Pa., who said they were notified immediately after the deletion and was told that much of the data had been recovered.
The district attorney doubted that the lost data will impact prosecution of cases, although there is an expectation that defense attorneys may try to raise it as an issue.
Kelly Callihan, executive director of the Pennsylvania District Attorneys Association, confirmed her association was told of the data deletion affecting the state police crime labs and it immediately notified county district attorneys.
“PDAA advised the district attorneys there should be minimal impact on cases as PSP labs have policies for internally tracking evidence and documenting forensic testing that is done; often referred to as the “old-fashioned-way” of managing evidence in terms of chain of custody. PDAA will continue to monitor the situation. I have not received any reports of problems district attorneys are having as a result of this data issue,” she said in a statement.
As for the state employees’ pension system, the data loss impacted log-in information to members’ online accounts requiring them to verify their identity upon signing on and create new four-digit PINs. It also deleted any member-calculated pension estimate in their online member service account.
But SERS spokeswoman Pam Hile said the system impacted by the data loss was a secondary system that provides members with snapshot-in-time pension benefit data such as benefit summary, annual statements and tax documents. She said Office of Administration and SERS tech staff worked to identify the data that could be retrieved and rebuilt and what was affected.
No pension data has been lost, she said.
However, smaller independent employers such as Shippensburg University Student Services Inc. and the Public Housing Finance Agency would need to re-enter any partially entered or unposted batches of personnel and payroll data that was not saved, she said.
Meanwhile, Senate Republicans are exploring a path forward to investigate how the data deletion happened and how a recurrence can by avoided, said Sen. Kristin Phillips-Hill, R-York County, who has authored a number of bills relating to information technology and cybersecurity.
Staff writer Christine Vendel contributed to this story.
Jan Murphy may be reached at [email protected]. Follow her on X at @JanMurphy.