DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Personal and sensitive files from Tehama County Social Services leaked on dark web. Have the victims been notified?

Posted on June 10, 2022 by Dissent

On their dark web blog, Quantum threat actors claim to have acquired 32 GB of files from Tehama County Social Services in California.

Quantum added Tehama County Social Services to their dark web leak site.

Quantum describes the files as involving information of county clients and employees:

Financial information, budgets, fiscal docs, contracts, HR data, resumes, payrolls, clients personal data, scans ID, scans SSN, personal info, scans certificates, incident reports, COVID vaccine cards, personal medical information, death lists, criminal record documents, Protective Custody Removal Warrants, many working documents, confidential documents, birth certificates, medication lists, children documents, court reports, client base with addresses and phones, MEDS program access, insurance documents

The attack occurred on April 9, and as media reported on April 15, the county quickly took its system offline to investigate.  As of today’s date, however, if one goes to the county’s site, you can find no update or any indication that anything was ever wrong.

How can there be no notice on the site when Quantum leaked all the data and the leaked files contain sensitive and personal information?

Where is the county’s notification to the California Attorney General’s Office? Where is their notification to employees?  Where is their notification to their clients or residents who applied for services? DataBreaches cannot find any such notifications or even reference to any press releases after media coverage in April of the county’s initial statement.

And who/what is Quantum Blog?  They have been around for approximately one year now, but claim they are not hackers. On their “About” page, they write:

What we do

We inform the society about attacks and consequenses, about information leaked to the hackers. All posts are completely free, available for all visitors to download, use and repost in any place.

What we don’t do

We aren’t hackers, we didn’t penetrate any network and didn’t take any information or document.

According to Lawrence Abrams of Bleeping Computer and the DFIR Report, however, that’s inaccurate, and Quantum does encrypt (and apparently exfiltrates, although DFIR Report had not been able to verify that in one case they discussed).   DataBreaches sent an inquiry to Quantum yesterday about their role and actions in the Tehama incident, but has received no reply (as yet, anyway).

DataBreaches also sent an inquiry yesterday to TCDSS with a number of questions as to whether they notified the California Attorney General’s Office, whether they notified HSS, and whether individuals whose data had been accessed or acquired have been notified by mail. TCDSS was also asked how many people, total, had personal or protected health information accessed or acquired. No reply has been received.

 

Related posts:

  • County of Tehama, Calif., Identifies and Addresses Data Security Incident
  • SCOOP: Glenn County Office of Education paid $400k ransom after ransomware attack
  • Operation Anti Security Breakdown and targets, the full time line
Category: Breach IncidentsGovernment SectorHealth DataMalwareU.S.

Post navigation

← Vermont Enacts Insurance Data Security Law
Data breach lawsuits settle: UPMC vendor and a holding company for department stores →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.