Cyber Incident Victim: Oklahoma City Housing Authority

On December 21, 2021, the Oklahoma City Housing Authority discovered unauthorized emails originating from an OCHA email account, prompting an immediate investigation with third-party forensic specialists. The investigation determined that unauthorized access to OCHA email accounts potentially occurred between November 30, 2021, and December 21, 2021, though investigators could not definitively confirm whether threat actors actually accessed or exfiltrated specific files during this period. Following the containment of the email account compromise, OCHA conducted a comprehensive review of potentially exposed files to identify affected individuals and the nature of sensitive information involved. This review concluded on June 7, 2022, confirming that the breach potentially exposed personally identifiable information, though OCHA stated no evidence existed of actual or attempted misuse of compromised data. The organization subsequently completed address verification for notification purposes by June 16, 2022, nearly seven months after initial detection.

The compromised information varied among individuals but included names, Social Security numbers, driver's licenses or government identification documents, financial account details, and medical or health information. In response, OCHA conducted an internal review of existing security systems and policies, implementing unspecified additional safeguards to enhance data protection. The organization offered affected individuals complimentary access to Experian identity monitoring services for 12 to 24 months, requiring enrollment through instructions provided in individual notification letters. OCHA established a dedicated assistance line operating six days weekly with extended weekday hours to address inquiries about the breach. Public notification occurred via press release on July 22, 2022, over eight months after initial detection and six weeks after completing individual address verification.