The County of Tehama in California has begun alerting staff members, customers, and partners that a data breach may have exposed their personal information. According to Tehama County, the incident was discovered on April 9, but it took until August 19 to conclude that personally identifiable information (PII) had been exposed. The inquiry showed that an illegal third party accessed data on the county’s department of social services systems between November 18, 2021, and April 9, 2022.
“The County of Tehama determined that information pertaining to certain current and former County of Tehama employees, recipients of services from the County of Tehama Department of Social Services, and other affiliated individuals was contained in one or more of those files,” says the county.
Names, addresses, birth dates, Social Security numbers, driver’s license numbers, and information regarding the services that the impacted people may have gotten from the social services department were among the information that was compromised. The county claims that it has not been made aware of any reports of fraud connected to the incident in a notice issued to the affected people, a copy of which was provided to the California Attorney General’s office. Nevertheless, the county advises the people affected to exercise caution.
According to the county, anybody whose Social Security number or driver’s license number was compromised is eligible for free credit monitoring and identity theft protection services. Tehama County has not yet disclosed the precise number of affected people.
The county declined to provide information on the type of malware attack it experienced. However, in June, the creators of the Quantum ransomware leaked over 32 gigabytes of data that they claimed to have taken from the county’s systems. Financial data, HR data, payroll files, PII, IDs, birth certificates, incident reports, Covid immunization cards, medical data, insurance data, criminal record records, and other private documents are apparently among the stolen data.