City of Philadelphia Releases Cyber-Breach Notice

Five months after a cyber incident occurred, the city of Philadelphia is now releasing a notice regarding the investigation of a data breach, which involved personal health information.

Officials came across suspicious email activity, and after launching an investigation to determine the scope of the incident, found that a threat actor gained access to the city's email accounts between May 26 and July 28 of this year. The investigation is ongoing.

In a privacy incident notice, the city of Philadelphia wrote that "the types of information impacted vary by individual. However, the types of information impacted could include: demographic information, such as name, address, date of birth, social security number, and other contact information; medical information, such as diagnosis and other treatment related information; and limited financial information, such as claims information."

The city has reported the cyber breach to the US Department of Health and Human Services, and recommends that individuals remain vigilant by reviewing account statements, credits reports, and any unusual activity.

"Any suspicious activity should be reported promptly to your insurance company, health care provider, or applicable financial institution," the city stated in its notice.