Allegheny County, Pennsylvania

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Allegheny County, Pennsylvania, experienced a significant data breach that was disclosed to the public on August 2, 2023. This breach occurred on May 28 and 29, 2023, and was part of a global cybersecurity incident targeting the MOVEit file-transfer tool, which the county utilizes for transferring files. The breach was attributed to a Russian-speaking hacking group known as CL0p, believed to be based in Russia. This group has a history of targeting businesses but claims to delete data from organizations, including governments, after their attacks. Despite this claim, Allegheny County has taken the breach seriously and is urging individuals to take precautionary measures to protect their personal information[1][3].

The data compromised in the breach varies depending on the individual’s relationship with Allegheny County but may include sensitive information such as names, Social Security numbers, dates of birth, driver’s license/state ID numbers, taxpayer ID numbers, and student ID numbers. For some individuals, medical information (e.g., diagnosis, treatment type, admission date), health insurance information, and billing/claim information may also have been involved[1].

In response to the breach, Allegheny County has initiated several measures to assist affected individuals. The county has established a dedicated call center (888-990-1333) for individuals to find out if their data was compromised and to seek assistance. The call center is available from 9 a.m. to 9 p.m., Monday through Friday. Additionally, Allegheny County is offering 24 months of free identity protection services to those whose Social Security numbers were involved in the incident. Individuals are encouraged to enroll in these services by contacting IDX at the same call center number by October 31. Affected individuals are also advised to monitor their credit for new inquiries and other signs of potential identity theft[1].

The breach has been reported to have affected over 950,000 residents, making it a significant incident in terms of scale and potential impact on the community[7]. Allegheny County officials, including the chief information officer, Jason Ditzenberger, have emphasized the seriousness of the breach and the importance of taking advantage of the offered credit monitoring and identity protection services[3].

This incident highlights the ongoing challenges and risks associated with cybersecurity, particularly for public entities that manage large volumes of sensitive personal information. It also underscores the importance of vigilance and proactive measures in protecting personal data in the digital age[1][3][7].

Citations:

  1. https://triblive.com/local/allegheny-county-reveals-recent-data-breach/
  2. https://www.columbiagaspa.com
  3. https://www.cbsnews.com/pittsburgh/news/allegheny-county-issues-notice-of-data-breach/
  4. https://www.appalachianpower.com
  5. https://www.idstrong.com/sentinel/allegheny-county-pa-suffers-data-breach/
  6. https://www.pgworks.com
  7. https://www.jdsupra.com/legalnews/allegheny-county-pennsylvania-confirms-1466762/
  8. https://www.upmchealthplan.com
  9. https://www.wtae.com/article/allegheny-county-data-breach/44711090
  10. https://www.cb.bank
  11. https://www.wpxi.com/news/local/allegheny-county-warns-residents-after-data-breach/TNP7NSGLB5BVBG6CCN4BBXJFOE/
  12. https://skillbridge.osd.mil/locations.htm
  13. https://www.myinjuryattorney.com/allegheny-county-pennsylvania-data-breach-investigation/
  14. https://www.citadelbanking.com
  15. https://ago.vermont.gov/document/2023-07-28-allegheny-county-pennsylvania-data-breach-notice-consumers
  16. https://www.bayerhfcu.com
Breach Submission Date Sep 22, 2023
Converted Entity Name Allegheny County, Pennsylvania
Converted Entity Type Business Associate
State PA
Individuals Affected 1,505
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes