Another day, another incident related to data protection. The Detroit city government offered more than 15,000 public employees a free credit monitoring service after a data breach was revealed, which could have exposed confidential information.
The measure applies to both current and former
city workers, Information Office Director Beth Niblock reported in an official
statement. The director’s letter also mentions that less than 10% of the city’s
accounts were compromised, although many of the affected accounts could contain
sensitive details. The incident occurred during the early morning of January
So far there have been no indications of
malicious use of the compromised information, in addition, because the
information exposed is encrypted, it is highly unlikely that hackers will be
able to access a readable version of this data. However, the city government
preferred not to leave loose ends and protect employees with this monitoring
service, data protection experts mention.
Without going into detail, the city
administration mentions that the exposed information also involves the personal
data of at least 300 customers of the Detroit Department of Water and Sewerage.
Affected users will also be able to access free credit monitoring services.
The Detroit city government will report
directly to affected persons, sending a letter to their respective homes, as
well as an email to their last address registered on the systems. In turn, the
Information Office will be working with data protection experts, cybersecurity
firms and federal law enforcement agencies to investigate the incident.
The causes of the incident are still unknown,
so we will have to wait for the investigation to conclude to determine whether
it is due to the intervention of any group of threat
actors, or whether the leak is due to carelessness of the city’s IT
staff. In the event of human error, the International Institute of Cyber
Security mentions that persons in charge of the affected areas should be called
to appear before the justified one.