Tucked away in a small percentage of Jeb Bush’s emails were the names, birth dates and Social Security numbers — the three pieces of information key to identity theft — of more than 12,000 people.

Share story

DES MOINES, Iowa — By posting online all of his personal email from his eight years as Florida’s governor, Jeb Bush sought to show himself as a tech-savvy executive, in touch with constituents and an active administrator.

But tucked away in a small percentage of those hundreds of thousands of messages were the names, birth dates and Social Security numbers — the three pieces of information key to identity theft — of more than 12,000 people, according to an independent firm.

Bush’s attempt to demonstrate transparency comes as he prepares for a likely presidential run in 2016. His political action committee, Right to Rise, wasn’t involved in the email-posting effort, a Bush spokeswoman said.

“This was obviously very innocent,” said Todd Feinman, the chief executive of data security firm Identity Finder who audited the Bush email database and provided the results. “But now we have more than 12,000 individuals who are exposed to the risks of identity fraud.”

Using the website jebemails.com, Bush posted the emails online Tuesday. While Bush’s spokeswoman said the emails numbered about 275,000, Feinman said his audit showed about 333,000 messages.

By Thursday, the private information from all but a few hundred of the emails had been removed, Feinman said.

Bush spokeswoman Kristy Campbell wouldn’t confirm Identity Finder’s report that more than 12,000 people had their private information in the emails but said: “We have redacted every account that we have found.”

While Bush’s team was scrubbing what was posted, there were other ways to access the emails online as late as Thursday afternoon.