Cyber Incident Victim: Klamath County Veterans Service Office

On September 19, 2019, the Klamath County IT Department detected unusual activity within a Veterans Service Office employee’s email account, prompting an immediate investigation. The inquiry confirmed unauthorized access to the account, though the specific method of compromise or duration of access was not disclosed. Klamath County engaged an external data specialist to analyze the account’s contents, revealing that personal information belonging to individuals had been exposed. While the exact nature of the data (PII, PHI, or both) was not publicly confirmed, the county identified most affected individuals through the specialist’s review. The investigation did not uncover evidence of actual misuse of the compromised information. The incident exclusively involved the email account of a single employee within the Veterans Service Office, with no indication of broader system infiltration or additional compromised accounts.

Klamath County began notifying affected individuals on January 2, 2020, advising them to review enclosed protective steps and contact a dedicated toll-free call center operational Monday through Friday from 8:00 a.m. to 5:30 p.m. PST. The call center, reachable at 1-800-939-4170, provided incident-related information and assistance but did not offer credit monitoring or identity theft protection services. Concurrently, the county implemented procedural revisions to mitigate future risks, though specific technical or administrative changes were not detailed publicly. The response emphasized transparency through direct notifications and public acknowledgment of the breach, while reaffirming the county’s commitment to safeguarding personal information. No legal, financial, or operational impacts beyond the notification efforts and procedural adjustments were documented in the provided source material.