What Happened?
On February 8, 2023, the City experienced a ransomware incident affecting its network. Upon detecting the incident, the City took immediate action to secure the network, taking systems offline, notifying law enforcement, and initiating an investigation with the help of a third-party forensic firm. Through the investigation, the City determined that between February 6, 2023 and February 9, 2023, an unauthorized actor accessed and/or took certain files stored on City computer servers. The City’s dedicated team of cybersecurity professionals has completed its thorough review of the files confirmed to have been removed from our network. This process was comprehensive and took several months to complete due to the quantity of files that required review.
What Information Was Involved?
Our investigation determined that the unauthorized actor had access to computer systems, and our data analysis determined on July 6, 2023, that certain personal information was stored in the involved files, such as name, address, date of birth, Social Security number, and health information.
What we Are Doing.
On August 17, 2023, the City began mailing letters to residents whose information may have been involved in the incident. In an abundance of caution, the City is offering eligible individuals complimentary credit monitoring and identity protection services. In addition, the City posted notice of this incident on its website, and also established a dedicated, toll-free call center to answer questions that individuals may have. If you believe your information was involved and have any questions about this incident, please call (866) 869-1861, Monday through Friday, 8:00 a.m. to 5:00 p.m., Pacific Time.
What You Can Do.
For individuals whose information may have been involved, we encourage individuals to remain vigilant by reviewing your account statements and credit reports for any unauthorized activity. If you see unauthorized charges or activity, please contact your financial institution immediately. You may contact any of the three nationwide credit bureaus – Equifax, Experian, and TransUnion – to request a fraud alert. Once you place an alert with one of the bureaus, that bureau will send your request to the other two.
|
Equifax: |
Experian: |
TransUnion: |
For More Information
The City is committed to protecting the data it maintains and regrets and inconvenience or concern this incident may have caused. We are continuing to bolster the City’s cybersecurity controls and are grateful for the support of our staff and Oakland community. Individuals with questions about the incident are encouraged to contact the external call center at (866) 869-1861, Monday through Friday, 8:00 a.m. to 5:00 p.m., Pacific Time.
Translated versions of this notice:
数据泄露通知 (Notice of Data Privacy Incident)
Aviso de violación de datos (Notice of Data Privacy Incident)
Thông Báo Về Sự Cố Rò Rỉ Dữ Liệu (Notice of Data Privacy Incident)
