So it seems the Vacaville Housing Authority had a data breach on August 24th due to an employee attaching a file with Social Security numbers to an email that was sent to the wrong party. Thankfully, the recipient notified the VHA and deleted the errant email.
VHA is offering credit protection to those notified.
And if you want to read a nice, plain-language notification that hits all the key points and apologizes, see their letter on the California Attorney General’s site.