Cyber Incident Victim: Dakota County
Date:
Feb 2019
Location:
United States of America
Summary
An unauthorized actor accessed an employee email account at Dakota County, compromising sensitive client information. The breach exposed personal and protected health data, including names, addresses, Social Security numbers, driver’s license details, health insurance information, and medical histories for approximately 1,000 individuals. Following discovery, the county secured its systems by resetting all email passwords, implementing enhanced authentication protocols, and initiating an investigation with cybersecurity experts. Affected clients received notification letters offering complimentary identity protection services and access to a dedicated call center. While no misuse of the compromised information was confirmed, the incident was reported to federal health authorities and credit agencies as a precautionary measure.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 13, 2019, Dakota County discovered unauthorized access to an employee email account within its Social Services Department. The county immediately secured its email system and network by resetting all employee email account passwords and implementing an additional authentication layer for remote network access. An investigation was initiated with assistance from independent cybersecurity experts to determine the scope and nature of the breach. By March 27, 2019, the investigation revealed that approximately 1,000 current and former clients had their protected health information exposed through messages in the compromised email account. The exposed data included names, addresses, driver's license numbers, Social Security numbers, health insurance details, and medical information such as treatment history and diagnoses. No evidence suggested misuse of the compromised information at the time of discovery.
Dakota County mailed notification letters to all affected individuals on April 12, 2019, detailing the incident and outlining protective measures. The county established a toll-free call center operational weekdays from 8:00 a.m. to 7:00 p.m. Central Time (1-800-939-4170) for inquiries and concerns. Complimentary identity protection services through ID Experts were offered as a precautionary measure. Regulatory notifications were made to the U.S. Health and Human Services Office for Civil Rights and consumer reporting agencies. The county emphasized its commitment to information security and expressed regret for any inconvenience caused, while implementing additional safeguards to prevent future incidents.