For nearly two months this year, an unauthorized party had illegitimate access to the email accounts of certain employees working for the city of Sun Prairie, Wisconsin.
These accounts contained sensitive data such as Social Security numbers, account logins and passwords, drivers' licenses, state identification numbers, bank and financial account numbers, medical information and payment card information.
"The City undertook a lengthy and labor-intensive process to identify the personal information contained in the affected email accounts," said a press release issued yesterday by the city of roughly 30,000. "While the investigation was unable to confirm what, if any, information that was accessed within the affected email accounts, the City is notifying individuals in an abundance of caution because we have confirmed that certain information was present in the affected email accounts."
According to Sun Prairie, it was approximately March 6 when the city first became aware of suspicious activity involving one employee's email account. An ensuing forensics investigation ultimately revealed that several employee accounts were affected by the breach between January 16, 2019 and March 6.
"The City has security measures, policies, and procedures in place to protect the data on its systems and it continues to review and update these measures as part of our ongoing commitment to the security of the information in our care," the release states.
Sun Prairie has advised those potentially affected to watch out for identity theft and fraud incidents, and to review account statements and credit reports. The city also set up a hotline number: 1-877-202-9025.