The network of the city of Tucson, Arizona, experienced a data breach that impacted the details of 123,513 individuals. A notice of the data breach was submitted by the principal assistant city attorney Roi Lusk stating that the breach began on May 17, 2022, and continued through May 31, 2022.
The city discovered the data breach on August 12, 2022, which likely led to the copying of social security numbers of individuals along with names and other personally identifiable information. It was an external system breach wherein the city noticed suspicious activity on a user’s network account on May 29.
Out of the 123,513 individuals affected, 33 were residents of Maine. Upon discovering the suspicious activity, the city hired a team of third-party forensic specialists who reviewed the systems and conducted a thorough investigation to determine the full nature and scope of the crime.
After determining that specific data files may have been exfiltrated on August 4, the city of Tucson undertook a review of all the Information in question. The review ended on September 12 and confirmed that the personal data related to the users were exposed.
A copy of the notice was sent to the affected Maine residents stating that no evidence to prove that the stolen information was exploited or misused in any way was found so far. However, users were asked to watch for suspicious activities in their accounts. For this, the city offered 12 months of complimentary credit monitoring and identity restoration services at Experian.
Bringing better information to people and staff
The city authorities began notifying impacted individuals on September 23, including the 33 residents of Maine on September 29. Further security measures were evaluated to prevent future hacking attempts. Training facilities for its employees in cybersecurity are also underway. Moreover, the city is also offering individuals information on placing fraud alerts.
The guidance also included steps about placing a security freeze on their credit, contact details of the national consumer reporting agencies, learning how to identify theft by reviewing account statements, monitoring free credit reports, and contacting the Federal Trade Commission. Contacting their state attorney general and law enforcement is also included in the guidance scheme offered to the people.