Scott County, Iowa

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Scott County, Iowa, experienced a data privacy event that was publicly disclosed on April 22, 2022. The county became aware of suspicious activity on November 30, 2021, involving unauthorized messages being sent from an employee email account. This led to an investigation with the assistance of third-party cybersecurity specialists. It was determined that an unauthorized actor had accessed three employee email accounts on October 27, 2021. However, it was not possible to ascertain which email messages in the accounts were viewed by the unauthorized actor. A comprehensive review of the affected email accounts was completed by February 22, 2022, revealing that information related to clients, employees of Scott County, and other individuals who received healthcare treatment or services facilitated by Scott County may have been impacted.

The potentially compromised information varies by individual but may include names, addresses, dates of birth, Social Security numbers, medical information, health insurance information, and financial account information. Scott County has been working to verify the information at issue and locate address information for impacted individuals, a process that is ongoing. Despite these efforts, there has been no evidence of actual or attempted misuse of the information that may have been affected by this incident. Scott County has taken steps to secure the impacted email accounts and is notifying potentially impacted individuals for whom they have valid mailing addresses. They are also notifying state and federal regulators as appropriate.

Scott County encourages individuals to remain vigilant against incidents of identity theft and fraud, to review account statements and explanation of benefits forms, and to monitor free credit reports for suspicious activity and to detect errors. They have provided steps individuals can take to protect their personal information and have made contact information available for those seeking more information about the incident[1].

Citations:

  1. https://www.scottcountyiowa.gov/administration/post/notice-data-privacy-event
  2. https://www.ourquadcities.com/news/crime/trial-in-breasia-terrell-case-set-to-begin-in-scott-county-court/
  3. https://www.scottcountyiowa.gov/sheriff/records-reports
  4. https://www.thegazette.com/state-government/iowa-gov-reynolds-requests-federal-relief-for-6-million-in-mississippi-river-flooding-damages/
  5. https://www.iowaattorneygeneral.gov/media/cms/6242022_Scott_County_Iowa__IA_AEB5EA9D8E5B7.pdf
  6. https://www.desmoinesregister.com/story/news/elections/presidential/caucus/2024/01/06/iowa-caucuses-donald-trump-campaigns-in-iowa-on-3rd-anniversary-of-capitol-riot/72096832007/
  7. https://www.scottcountyiowa.gov/attorney
  8. https://qctimes.com/news/local/government-politics/what-you-should-know-about-the-2023-flood-in-the-quad-cities/article_1e0b1813-191c-532c-b91d-6024ea487df5.html
  9. https://www.co.scott.ia.us/courts/traffic-criminal
  10. https://www.ourquadcities.com/news/crime/vermont-couple-arrested-in-davenport-with-meth-stolen-rv-police-say/
  11. https://www.iowaattorneygeneral.gov/for-consumers/security-breach-notifications/2022-security-breach-notifications
  12. https://iowacapitaldispatch.com/2021/05/24/iowa-supreme-court-sides-with-davenport-church-in-defamation-case/
  13. https://hhs.iowa.gov/locations/scott-county-health-department
  14. https://www.ourquadcities.com/news/crime/russo-accused-in-cancer-scam-set-for-scott-county-court-sentencing/
  15. https://www.desmoinesregister.com/story/news/local/2023/01/06/some-iowa-county-records-inaccessible-suspected-cyberattack-real-estate/69785493007/
Breach Submission Date Jul 25, 2022
Converted Entity Name Scott County, Iowa
Converted Entity Type Business Associate
State IA
Individuals Affected 1,583
Breach Type Hacking/IT Incident

Breach Information Location Email

Business Associate Present Yes