The Catholic Diocese of Cleveland recently determined that an unauthorized person accessed an email account that contained personal information between Dec. 14, 2023, and Jan. 12, 2024.
The diocese said it conducted an "extensive manual review of the affected data" that was accessed, which included one or more of the following:
- Date of birth
- Social Security number
- Taxpayer identification number
- Financial account information, security code, routing number
- Driver’s license number
- Health insurance information
- Passport number
The diocese said that, at this time, it is unaware of any reports of identity fraud in connection with the data breach. Individuals affected by the breach have been notified by mail.
The diocese released the following statement regarding the matter:
"The privacy and security of personal information is of the utmost importance Catholic Diocese of Cleveland, which recently learned that an unauthorized party may have obtained access to an employee email account. Upon learning this, we contained the incident and commenced a prompt and thorough investigation. As part of the investigation, we engaged third-party cybersecurity professionals to conduct a forensic investigation and review the impacted email account and the data stored within.
Following the forensic investigation, we determined that the contents of the email account were subject to access and acquisition by an unauthorized individual. We conducted an extensive manual review of the affected data and we discovered the potentially impacted data contained personal information related to employees. We provided notification of this incident via U.S. mail commencing on April 17, 2024."
CLICK HERE for more information.
We Follow Through
Want us to continue to follow through on a story? Let us know.