cyber Breach

Sacramento County

Apr 20, 2022 1 min read
Sacramento County

The employees of Sacramento County were targeted in a phishing attack that resulted in them furnishing their County login credentials to an external website.

The attack exposed the protected health information of 2,096 persons and Personal Identifiable Information records of 816 people.

The county took immediately took action and notified the impacted individuals.

Source: https://pio.saccounty.gov/Pages/Report-of-Phishing-Attack-and-Data-Breach.aspx

TPRM report: https://scoringcyber.rankiteo.com/company/sacramento-county

"id": "sac115520422",
"linkid": "sacramento-county",
"type": "Breach",
"date": "06/2021",
"severity": "90",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': ['2,096 persons (protected '
                                               'health information)',
                                               '816 people (Personally '
                                               'Identifiable Information)'],
                        'industry': 'Public Sector',
                        'location': 'Sacramento, California, USA',
                        'name': 'Sacramento County',
                        'type': 'Government'}],
 'attack_vector': 'Phishing',
 'customer_advisories': 'Notified impacted individuals',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': ['2,096', '816'],
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Protected Health Information',
                                              'Personally Identifiable '
                                              'Information']},
 'description': 'The employees of Sacramento County were targeted in a '
                'phishing attack that resulted in them furnishing their County '
                'login credentials to an external website. The attack exposed '
                'the protected health information of 2,096 persons and '
                'Personal Identifiable Information records of 816 people.',
 'impact': {'data_compromised': ['Protected Health Information',
                                 'Personally Identifiable Information'],
            'identity_theft_risk': 'High'},
 'initial_access_broker': {'entry_point': 'Phishing Email'},
 'motivation': 'Data Theft',
 'post_incident_analysis': {'root_causes': 'Human Error'},
 'response': {'communication_strategy': 'Notified impacted individuals'},
 'title': 'Phishing Attack on Sacramento County Employees',
 'type': 'Phishing Attack',
 'vulnerability_exploited': 'Human Error'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.