DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Personal and sensitive files from Tehama County Social Services leaked on dark web. Have the victims been notified?

Posted on June 10, 2022 by Dissent

On their dark web blog, Quantum threat actors claim to have acquired 32 GB of files from Tehama County Social Services in California.

Quantum added Tehama County Social Services to their dark web leak site.

Quantum describes the files as involving information of county clients and employees:

Financial information, budgets, fiscal docs, contracts, HR data, resumes, payrolls, clients personal data, scans ID, scans SSN, personal info, scans certificates, incident reports, COVID vaccine cards, personal medical information, death lists, criminal record documents, Protective Custody Removal Warrants, many working documents, confidential documents, birth certificates, medication lists, children documents, court reports, client base with addresses and phones, MEDS program access, insurance documents

The attack occurred on April 9, and as media reported on April 15, the county quickly took its system offline to investigate.  As of today’s date, however, if one goes to the county’s site, you can find no update or any indication that anything was ever wrong.

How can there be no notice on the site when Quantum leaked all the data and the leaked files contain sensitive and personal information?

Where is the county’s notification to the California Attorney General’s Office? Where is their notification to employees?  Where is their notification to their clients or residents who applied for services? DataBreaches cannot find any such notifications or even reference to any press releases after media coverage in April of the county’s initial statement.

And who/what is Quantum Blog?  They have been around for approximately one year now, but claim they are not hackers. On their “About” page, they write:

What we do

We inform the society about attacks and consequenses, about information leaked to the hackers. All posts are completely free, available for all visitors to download, use and repost in any place.

What we don’t do

We aren’t hackers, we didn’t penetrate any network and didn’t take any information or document.

According to Lawrence Abrams of Bleeping Computer and the DFIR Report, however, that’s inaccurate, and Quantum does encrypt (and apparently exfiltrates, although DFIR Report had not been able to verify that in one case they discussed).   DataBreaches sent an inquiry to Quantum yesterday about their role and actions in the Tehama incident, but has received no reply (as yet, anyway).

DataBreaches also sent an inquiry yesterday to TCDSS with a number of questions as to whether they notified the California Attorney General’s Office, whether they notified HSS, and whether individuals whose data had been accessed or acquired have been notified by mail. TCDSS was also asked how many people, total, had personal or protected health information accessed or acquired. No reply has been received.

 

Category: Breach IncidentsGovernment SectorHealth DataMalwareU.S.

Post navigation

← Vermont Enacts Insurance Data Security Law
Data breach lawsuits settle: UPMC vendor and a holding company for department stores →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • AMI Group – Travel & Tours notice of ransomware attack
  • Resource: Insider Threat reports
  • Za: Cyber extortionist sentenced to eight years in jail
  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.