Contra Costa County employee emails that were hacked last year included information from individuals who had communicated with the County’s Employment and Human Services Department, according to County officials.
“This information included names and one or more of the following: Social Security numbers; driver’s license or state-issued identification numbers; financial account numbers; passport numbers; and medical information and/or health insurance information,” according to the County, which is offering complimentary credit monitoring to eligible individuals.
An investigation determined that an unauthorized person accessed County employee email accounts at various times between June 24, 2021 and Aug. 12, 2021. The County “immediately took action to secure the accounts and began an investigation upon first learning of the unauthorized access to the employee email accounts,” officials said.
“The investigation did not determine whether any emails or attachments in the accounts were accessed or downloaded by the unauthorized individual; however, the County was not able to rule out the possibility,” officials added.
On Friday, the County began mailing letters to individuals whose information may have been involved in the incident and for whom it has address information. The County is also providing this notice via email and/or website and call center to individuals whose information may have been involved but for whom it does not have a mailing address.
A dedicated, toll-free call center has been set up for individuals to call with questions
about this incident. Impacted individuals may call 1-855-604-1854, Monday through Friday
between 6 a.m. to 6 p.m. Additionally, the County’s website Homepage at
www.contracosta.ca.gov contains information regarding steps that individuals can take to help protect their personal information.
“The County takes seriously the security of data and sincerely apologizes for any inconvenience or concern this incident may have caused,” officials said. “The County has implemented additional safeguards and technical security measures and will continue to make further enhancements to the security of its computer systems and protocols.”