The hackers responsible for the ransomware attack on the city’s network in May could have accessed some individuals’ sensitive, personal information, city officials announced late Aug. 3.

The gist

A city investigation determined in mid-June that files potentially containing sensitive information—including full name, home address, Social Security number, date of birth, insurance information, clinical information, claims information and other identifiers—could have been accessed by the hackers responsible for the ransomware attack.

The investigation is still ongoing, but city officials have started sending notice letters to the individuals potentially involved in the data breach, according to a city news release.

“The privacy and security of the information the city maintains is of the utmost importance, and the city sincerely regrets any inconvenience or concern this incident may have caused,” the news release stated.

The backstory

In early May, a group called Royal launched a cyberattack on the city’s network, which compromised several servers and impacted city services. Since then, the city has slowly restored services while investigating the issue.

Going forward

City officials are unaware of any identity theft or fraud resulting from the data breach, according to the news release, but promised to provide those involved with two years of free credit monitoring and identity theft protection services. Those involved will receive instructions on how to activate the services plus additional resources when the city notifies them that they are affected by mail.

Going forward, city officials encourage residents to “be vigilant” in reviewing financial statements and credit reports to be aware of any fraudulent activity. Those who believe they have been affected by the data breach but have not been notified by the city by Aug. 25 may call 833-627-2708 for assistance.