Cyber Incident Victim: Contra Costa County

Unauthorized individuals gained access to employee email accounts at Contra Costa County, California, between June 24, 2021, and August 12, 2021. The breach investigation concluded on March 11, 2022, though the exact date of detection remains unspecified. Forensic analysis confirmed the compromise of accounts belonging to employees of the County’s Employment and Human Services Department. These accounts contained sensitive personal information of both employees and individuals who had previously contacted the department. The county determined it was impossible to confirm whether the intruders viewed or downloaded specific emails or attachments during the access period. Notification letters were dispatched to affected individuals on April 15, 2022, more than nine months after the initial breach window closed.

Exposed information included names, Social Security numbers, driver’s license numbers, state-issued identification numbers, financial account numbers, passport numbers, medical information, and health insurance details. The county offered complimentary credit monitoring services to eligible individuals but did not disclose the total number of affected parties, as the breach had not yet appeared on the HHS Office for Civil Rights breach portal at the time of reporting. No evidence of fraudulent activity stemming from the breach was cited in the substitute breach notice. The incident impacted individuals associated with the Employment and Human Services Department’s operations, though specific system vulnerabilities or attacker methodologies were not detailed in the public disclosure. Contra Costa County’s response included securing the compromised accounts and conducting a forensic investigation, though no additional security enhancements were explicitly described beyond the notification and monitoring offerings.