The City of Tucson, Arizona, has disclosed a data breach affecting the personal information of more than 125,000 individuals.
As revealed in a notice of data breach sent to affected people, an attacker breached the city’s network and exfiltrated an undisclosed number of files containing sensitive information.
“On May 29, 2022, the City learned of suspicious activity involving a user’s network account credential,” the data breach notification reads.
The City began notifying potentially impacted individuals on September 23 that, among the sensitive personal information exposed during the incident, the attacker could have accessed the affected individuals’ names and Social Security numbers.
“On September 12, this review concluded, and the review determined that the information at issue included certain personal information,” the City revealed in a separate announcement on its official website.
“The City treats the security of information in its possession as an utmost priority and apologizes for any inconvenience this event may cause,” the breach notification letters read. “As part of its ongoing commitment to the security of information within its care, the City reviewing its existing policies and procedures regarding cybersecurity and evaluating additional measures and safeguards to protect against this type of event in the future.”
