After an extensive forensic investigation into a phishing incident between November 10-20, 2020, Worcester County Government agencies and cybersecurity professionals discovered a breach of a County email account.
That email account contained limited personal information belonging to approximately 3,000 County and Board of Education (BOE) employee and retiree accounts. While there is no forensic evidence of any malicious activity regarding data breached during the incident, the County implemented significant measures to protect everyone affected by this incident.
According to Worcester County:
On April 27, WCG issued letters to each person whose information may have been affected. Each letter specifies what personal information was impacted. Credit and debit account information was not impacted.
Incidents like this breach can occur at any time. However, there are steps that each of us can take to protect against the misuse of sensitive information.
- Remain vigilant. Review account statements for fraudulent or irregular activity.
- Order a free credit report. Federal law entitles you to one free credit report every 12 months from each of the three major nationwide credit reporting companies.
- Contact your financial institution. If you see a fraudulent charge on your payment card, contact the financial institution that issued your card.
- Those who suspect that their personal information may have been compromised may consider placing a one-year fraud alert and/or security freeze on your credit file by visiting https://www.experian.com/fraud/center.html
- Report fraud. If you find suspicious activity on your credit reports or have reason to believe your information is being misused, contact local law enforcement and file a police report. Get a copy of the police report, as many creditors will want the information it contains to absolve you of fraudulent debts.
Hackers are increasingly targeting states and local governments with sophisticated cyberattacks. Securing government information systems is critical, as a cyber intrusion can be very disruptive, jeopardizing sensitive information, public safety, and the delivery of essential services.
In the 2022 legislative session, MACo’s advocacy helped secure needed State resources and streamline collaboration, communication, and coordination to help lead local governments, school systems, and critical infrastructure toward a more cyber-secure future.