Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Personal Information of 123K Individuals Exposed in City of Tucson Data Breach

The City of Tucson, Arizona, is notifying roughly 123,000 individuals that their personal information was compromised in a recent data breach.

The incident was identified at the end of May 2022, but the city concluded its investigation only last month.

The City of Tucson, Arizona, is notifying roughly 123,000 individuals that their personal information was compromised in a recent data breach.

The incident was identified at the end of May 2022, but the city concluded its investigation only last month.

In a data breach notice on its website, the city says that the incident was the result of compromised network account credentials that allowed the attackers to access files containing the personal information of some individuals.

The exposed data included name, Social Security number, driver’s license number, state identification number, and passport number.

While the city says it has no evidence that the exposed information has been misused, such data is often sold on dark web portals or used for phishing, identity theft, and other types of attacks.

On September 23, the city started informing the impacting individuals of the data breach, and then began notifying the appropriate authorities.

The City of Tucson submitted a notification letter sample to the Maine Attorney General’s Office, saying that just over 123,500 were impacted in the incident.

The city says it was able to contain and remediate the breach soon after identifying it, and that it is also implementing additional measures to improve its cybersecurity.

Advertisement. Scroll to continue reading.

Furthermore, the city announced that it is offering access to credit monitoring services to the impacting individuals, at no cost, along with guidance on how to protect themselves against identity theft and fraud.

Related: Supply Chain Attack Targets Customer Engagement Firm Comm100

Related: Optus Says ID Numbers of 2.1 Million Compromised in Data Breach

Related: Auth0 Finds No Breach Following Source Code Compromise

Related: Fast Company Hack Impacts Website, Apple News Account

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.