Cyber Incident Victim: County of Tehama

The County of Tehama, California, detected suspicious activity on its IT systems on April 9, 2022, prompting immediate protective measures to secure its network. An investigation was launched with law enforcement notification, revealing unauthorized access to the county’s IT infrastructure between November 18, 2021, and April 9, 2022. The breach specifically targeted files within the Department of Social Services’ systems. By August 19, 2022, the investigation concluded that personal information of current and former employees, service recipients, and affiliated individuals was compromised. Exposed data included names, dates of birth, mailing addresses, Social Security numbers, driver’s license numbers, and details related to social services received.

On November 17, 2022, the county initiated notification letters to potentially affected individuals and offered complimentary credit monitoring and identity theft protection for those with exposed Social Security or driver’s license numbers. A dedicated toll-free response line (855-926-1376) was established for inquiries, operational weekdays from 6:00 a.m. to 3:30 p.m. Pacific Time. No fraud incidents linked to the breach had been reported as of the announcement date. The county advised vigilance in monitoring financial accounts for suspicious activity. To mitigate future risks, enhanced monitoring and alerting software were implemented across its systems. The incident did not disrupt ongoing county operations or service delivery during the response period.