California Department of Corrections and Rehabilitation

In August 2013, the California Department of Corrections and Rehabilitation disclosed a data breach at Centinela State Prison. The incident, which took place between July 26 and July 29, 2013, involved unauthorized access to a file containing sensitive personal information of employees. The compromised data included names, dates of birth, and Social Security numbers, though the exact number of affected individuals remains undetermined. The breach exposed critical employee records, raising concerns about potential identity theft, financial fraud, or misuse of the stolen information. As a government-operated correctional facility, the exposure of such data not only jeopardizes the privacy and security of its workforce but also underscores vulnerabilities in the state’s cybersecurity protocols for handling sensitive personnel records. The incident highlights the risks associated with inadequate safeguards in public sector institutions, where employee data is a prime target for malicious actors.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-42518

TPRM report: https://www.rankiteo.com/company/california-department-of-corrections-and-rehabilitation

"id": "cal727082025",
"linkid": "california-department-of-corrections-and-rehabilitation",
"type": "Breach",
"date": "7/2013",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'industry': 'Public Administration / Corrections',
                        'location': 'California, USA',
                        'name': 'Centinela State Prison',
                        'type': 'Government (State Prison)'},
                       {'industry': 'Public Administration / Law Enforcement',
                        'location': 'California, USA',
                        'name': 'California Department of Corrections and '
                                'Rehabilitation',
                        'type': 'Government Agency'}],
 'data_breach': {'number_of_records_exposed': 'Unknown',
                 'personally_identifiable_information': ['names',
                                                         'dates of birth',
                                                         'Social Security '
                                                         'numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)']},
 'date_detected': '2013-08-20',
 'date_publicly_disclosed': '2013-08-20',
 'description': 'The California Department of Corrections and Rehabilitation '
                'reported a data breach involving Centinela State Prison. The '
                'breach occurred between July 26 and July 29, 2013, and '
                'involved unauthorized access to a file containing personal '
                'information, including names, dates of birth, and Social '
                'Security numbers of employees. The number of individuals '
                'affected is currently unknown.',
 'impact': {'data_compromised': ['names',
                                 'dates of birth',
                                 'Social Security numbers'],
            'identity_theft_risk': 'High (PII exposed)'},
 'references': [{'source': 'California Department of Corrections and '
                           'Rehabilitation Public Disclosure'}],
 'title': 'Centinela State Prison Data Breach (2013)',
 'type': 'Data Breach'}