Caltrans
Company Details
Linkedin ID:
caltrans
Website:
Employees number:
12,475
Number of followers:
101,001
NAICS:
92
Industry Type:
Homepage:
ca.gov
IP Addresses:
0
Company ID:
CAL_3173240
Scan Status:
In-progress
Caltrans Company CyberSecurity Posture
ca.gov
From roads less traveled to highways supporting California’s demanding commute. The California Department of Transportation (Caltrans) manages more than 50,000 miles of California's highway and freeway lanes, provides inter-city rail services, permits more than 400 public-use airports and special-use hospital heliports, and works with local agencies to keep California moving. More than the road workers, we are California’s transportation infrastructure; established in 1895, Caltrans has been active in moving the people and commerce of California and continues to model the way in innovative transportation systems. Caltrans specializes in many areas related to transportation: Engineering, Environmental Analysis, Information Technology, Maintenance, Equipment, Transportation Planning, Land Surveys, Right of Way, Finance, Traffic Operations, Aeronautics, Legal, and Administration It is our commitment to the residents of California that keeps us honest in our mission of providing a safe and reliable transportation network that serves all people and respects the environment.
Caltrans A.I CyberSecurity Scoring
Caltrans Risk Score (AI oriented)Between 750 and 799
Caltrans
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Caltrans Global Score (TPRM)XXXX
Caltrans
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Caltrans Company CyberSecurity News & History
Past Incidents
31
Attack Types
3
Department of Motor Vehicles
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Department of Motor Vehicles (CA DMV) reported a data breach on November 6, 2015, involving an erroneous disclosure of personal information on September 28, 2015. The breach affected the Riverside Probation Department and involved the accidental transmission of names, dates of birth, physical descriptions, and driver license numbers, but did not include Social Security Numbers.
California Department of Motor Vehicles
Data Leak
Rankiteo Explanation
Attack limited on finance or reputation
Description: Seven government agencies now have access to some drivers' Social Security numbers thanks to a data breach at the California Department of Motor Vehicles. According to the organisation, the breach had an impact on 3,200 people for at least the previous four years. The DMV says that it was not hacked and that no private persons or organisations received the information. According to the DMV, steps were taken right away to fix the access issue and make sure that no further private information was leaked.
Department of State Hospitals
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: On May 11, 2021, the California Department of State Hospitals reported a data breach involving improper access to personal information. The breach, discovered on April 13, 2021, affected 1,415 patient names, COVID-19 test results, and health information, as well as the personal information of approximately 1,735 employees and job applicants. Details about the specific method of breach are not provided.
Department of State Hospitals
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Department of State Hospitals reported a data breach on April 5, 2021, involving improper access to personal information of approximately 1,735 employees and former employees, as well as 1,217 job applicants. The breach was discovered during an investigation initiated on February 25, 2021, with no evidence of misuse of the compromised information.
Department of State Hospitals
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Department of State Hospitals reported a data breach on May 24, 2013, involving the unauthorized disclosure of Social Security Numbers and other personal information of employees due to a security incident on May 8, 2013. The information was available on the intranet for approximately 6 hours, affecting an unknown number of individuals. The breach was made public through a notification letter, which provided recommendations for identity theft protection.
Department of State Hospitals – Coalinga
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Department of State Hospitals – Coalinga reported a data breach on September 3, 2021. The breach involved unauthorized disclosure of patient information to the United States District Court, which occurred on or around August 12, 2021. The specific types of compromised information included names, case numbers, birth dates, legal commitments, admission dates, unit numbers, and genders of patients, but did not include Social Security numbers or financial account numbers.
Department of State Hospitals – Atascadero
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Office of the Attorney General reported a data breach involving the Department of State Hospitals (DSH) on February 28, 2024. The breach, discovered on February 15, 2024, involved the unauthorized dissemination of Leave and Activity Balance reports containing confidential information, including full social security numbers and names. Approximately 1,000 individuals were affected by this incident.
Department of State Hospitals
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Department of State Hospitals experienced a data breach in early 2021, where unauthorized access to sensitive information was detected on **February 25, 2021**, though the breach spanned from **November 6, 2020, to February 5, 2021**. The incident compromised the data of **1,415 patients and 617 employees**, exposing **COVID-19 test results and health-related details**. However, no **Social Security numbers or financial information** were accessed. The breach involved improper access to both **patient and employee records**, raising concerns over privacy violations and potential misuse of medical data. While the exact method of unauthorized access was not disclosed, the exposure of health information—even without financial identifiers—poses risks of identity profiling, targeted phishing, or reputational harm to the affected individuals and the institution. The department took steps to investigate and mitigate the breach, though the long-term consequences for those impacted remain uncertain.
Department of Child Support Services
Breach
Rankiteo Explanation
Attack without any consequences
Description: The California Department of Child Support Services reported a potential disclosure of personal information on May 6, 2014. The breach occurred on April 7, 2014, when letters from the Solano County Department of Child Support Services were misplaced during transport. The exact number of individuals affected is unknown, and the types of information compromised are not specified.
California Department of Child Support Services
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Department of Child Support Services reported a data breach on January 14, 2025, involving the inadvertent emailing of personal information to a personal email account. The breach affected individuals' first names, last names, dates of birth, addresses, driver’s license numbers, and social security numbers. This incident highlights the vulnerability of sensitive personal data and the potential consequences of such breaches on individuals' privacy and security.
California Department of Child Support Services
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Office of the Attorney General reported a data breach involving the California Department of Child Support Services (DCSS) on September 13, 2022. The breach occurred on or around March 8, 2022, when an employee sent an email to their personal account containing personal information, including individuals' names, IRS Tax Intercept amounts, and IRS collection sources. The total number of affected individuals is currently unknown.
California Department of Child Support Services
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On March 29, 2012, the California Department of Child Support Services reported a data breach involving missing storage devices that potentially contained personal information of parents, caregivers, and children. The breach occurred on March 12, 2012, and involved personal information such as names, addresses, Social Security numbers, and health insurance details. The agency is working with International Business Machines (IBM) and Iron Mountain Inc. to locate the missing devices.
California Department of Finance
Ransomware
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Finance Department for the state of California was a recent target of Lockbit, the notorious Russian-linked ransomware group. The group allegedly posted on the dark web to threaten them that if the ransom demands aren’t met by December 24, they will leak the stolen data. The hackers also published online the number of directories and files that contained over 246,000 files and over 114,000 folders totalling 75.3GB of data, as displayed in the properties dialogue. However, an initial access broker (IAB) was offering a way past the department’s cyber defences for $30,000 per breached server.
Department of Health Care Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Department of Health Care Services (DHCS) reported a data breach involving the erroneous mailing of Beneficiary Identification Cards (BIC) due to a computer programming error. The breach occurred between December 10 and December 18, 2012, potentially affecting an unknown number of individuals, with exposed information including names, Client Index Numbers, dates of birth, and genders. Affected parties were informed on December 21, 2012, and a new card was to be issued by January 1, 2013.
Department of Health Care Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Department of Health Care Services (DHCS) reported a privacy incident on December 5, 2012, involving the exposure of Social Security numbers (SSNs) of In-Home Supportive Services (IHSS) providers. The breach occurred on November 5, 2012, when lists of Medi-Cal providers were posted online, inadvertently including an SSN in a non-standard format. The number of affected individuals is unknown.
Department of Health Care Services
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Department of Health Care Services (DHCS) reported a data breach on March 20, 2023, related to a security incident involving a subcontractor, Advanced Image Direct (AID), that occurred on January 12, 2023. The breach potentially exposed personal information, including names, addresses, county case numbers, dates of birth, and the last four digits of Social Security Numbers (SSNs). Approximately 1,500 individuals are reported to have been affected.
California Department of Justice
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Department of Justice’s 2022 Firearms Dashboard Portal accidentally went live with publicly-accessible files that include identifying information of California gun owners. The leaked information included the person’s full name, race, home address, date of birth, and date their permit was issued. The investigation revealed that the leaked files included home addresses, full names, and dates of birth for all seven custodial officers, 63 people with a place of employment permit, and 420 reserve officers. However, the leaked information was soon removed by the department.
California Department of Justice
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Department of Justice experienced a data breach on **June 27, 2022**, involving the unauthorized disclosure of sensitive personal information. The incident primarily affected approximately **100 individuals** holding **concealed carry weapons (CCW) permits**. The exposed data included **names, dates of birth, residential addresses, and CCW license numbers**—information that, if misused, could pose significant privacy and security risks to the affected individuals. The breach raises concerns about potential **identity theft, targeted harassment, or physical safety threats** for permit holders, given the sensitive nature of the leaked data. While the exact cause of the breach (e.g., insider threat, system vulnerability, or external cyberattack) was not specified in the report, the exposure of such regulated information underscores critical lapses in data protection protocols within a **government law enforcement agency**. The incident highlights the broader implications of **mishandling firearm-related records**, which are subject to strict confidentiality laws in many jurisdictions. The breach not only erodes public trust in the agency’s ability to safeguard sensitive data but also may lead to **legal repercussions, reputational damage, and heightened scrutiny** over its cybersecurity practices.
California Department of Justice
Breach
Rankiteo Explanation
Attack threatening the organization's existence
Description: The California Department of Justice reported on May 11, 2012, that hackers affiliated with Anonymous accessed private email accounts of a retired agent from the Computer and Technology Crime High-Tech Response Team (CATCH) in November 2011. The breach potentially exposed personal information, including names and financial account information, although the exact number of individuals affected and specific details regarding the breach are unknown.
California Department of Public Health
Breach
Rankiteo Explanation
Attack without any consequences
Description: The California Department of Public Health reported a data breach on May 8, 2012, involving the theft of a survey binder containing personal and medical information after it was left in an unattended vehicle. Approximately 1 individual was affected, and the compromised information included name, date of birth, age, medications, room number, and medical record number.
California Department of Public Health
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Department of Public Health (CDPH) reported a data breach on May 8, 2013, involving a roll of microfiche containing approximately 2,000 birth records from 1974 found at an unsecure non-State location. The affected records include names, addresses, Social Security numbers, and some medical information, potentially impacting around 6,000 individuals born in specific months and counties in California.
California Department of Public Health
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Department of Public Health reported a data breach involving the Women, Infants, and Children (WIC) Program on September 26, 2013. The breach occurred on August 20, 2013, when a Madera County WIC employee mistakenly disclosed personal and medical information, including names and expected delivery dates, to another participant. The number of individuals affected is unknown.
California Department of Public Health
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The sensitive medical information of citizens of California was exposed by a misconfigured database managed by the California Department of Public Health. The misconfiguration resulted from an error made by a third-party contractor and led to the breach of names, dates of birth, addresses, and Covid-19-related health information of the citizens. The department set up a dedicated call center to help out the people of California affected by the breach.
California Department of Public Health
Breach
Rankiteo Explanation
Attack threatening the organization's existence
Description: On May 23, 2018, the California Department of Public Health (CDPH) reported a data breach that occurred on March 12, 2018, involving the theft of documents and a laptop from a contractor's vehicle. This incident potentially exposed personal and health information such as names, Social Security numbers, and health insurance information. The breach highlights the vulnerability of sensitive data when handled by third-party contractors and the importance of robust security measures to protect personal information.
Department of Rehabilitation
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: On January 9, 2019, the California Department of Rehabilitation suffered a data breach involving an exposed spreadsheet containing sensitive employee information. The compromised data included employee names and Social Security numbers, affecting approximately 12 individuals. The breach was reported to the California Office of the Attorney General on January 25, 2019. In response, the Department took corrective action by offering credit monitoring services to the impacted employees to mitigate potential risks such as identity theft or financial fraud. The incident highlighted vulnerabilities in the handling of personally identifiable information (PII) within the organization, raising concerns about internal data protection protocols and the safeguarding of employee records against unauthorized access or disclosure.
Department of Rehabilitation
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Office of the Attorney General reported a data breach involving the Department of Rehabilitation on December 7, 2017. The breach occurred on November 22, 2017, when a file containing personal information, specifically names and social security numbers, was inadvertently emailed without encryption to an outside entity. The number of individuals affected is currently unknown.
California Department of Social Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Department of Social Services (CDSS) reported a data breach involving the unauthorized release of personal information on July 17, 2014. The breach, which occurred on July 16, 2014, involved accidentally discarded confidential documents that may have contained names, mailing addresses, dates of birth, and Social Security numbers. The number of individuals affected is currently unknown.
California Department of Social Services
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Department of Social Services reported a data breach on February 16, 2023, involving an incident that occurred on January 6, 2023. An employee emailed a document containing personal information, including names and Social Security numbers, to a personal account. The breach potentially affected an unspecified number of individuals. Corrective actions have been implemented to minimize future risks.
California Department of Social Services
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: On August 19, 2022, the California Department of Social Services (CDSS) reported a data breach that occurred on August 11, 2022. An email containing personal information, including names and Social Security numbers (SSN), was sent to unauthorized individuals. The total number of individuals affected is currently unknown.
California Department of Social Services
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Department of Social Services (CDSS) reported a data breach involving the Sun Bucks Program on October 3, 2024. The breach, which involved unauthorized access to case information in the ebtEDGE Web Admin platform, was discovered on July 19, 2024, and affected personal information including children's names, addresses, dates of birth, card numbers, and EBT account numbers. The number of individuals affected is not specified.
California Department of Social Services
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On **May 1, 2012**, the **California Department of Social Services (CDSS)** experienced a **security breach** involving the **In Home Supportive Services (IHSS) program**. The incident occurred during the transit of a package containing **personal information**, which was found **damaged** upon arrival, with some contents confirmed as **missing**. The exact number of affected individuals and the specific types of compromised data (e.g., names, Social Security numbers, medical records, or financial details) remain **undisclosed**.The breach highlights a **physical security failure** in safeguarding sensitive data during transportation, exposing participants of the IHSS program—who often include vulnerable populations such as elderly or disabled individuals—to potential risks like **identity theft, fraud, or unauthorized access to personal details**. While no evidence of malicious exploitation was reported, the **unknown scope of the leak** and the **sensitive nature of the program’s data** raise concerns about long-term repercussions for those impacted. The incident underscores the need for stricter **data handling protocols**, especially for government agencies managing high-risk personal information.
Caltrans Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Caltrans
Incidents vs Government Administration Industry Average (This Year)
No incidents recorded for Caltrans in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Caltrans in 2025.
Incident Types Caltrans vs Government Administration Industry Avg (This Year)
No incidents recorded for Caltrans in 2025.
Incident History — Caltrans (X = Date, Y = Severity)
Caltrans cyber incidents detection timeline including parent company and subsidiaries
Caltrans Company Subsidiaries
From roads less traveled to highways supporting California’s demanding commute. The California Department of Transportation (Caltrans) manages more than 50,000 miles of California's highway and freeway lanes, provides inter-city rail services, permits more than 400 public-use airports and special-use hospital heliports, and works with local agencies to keep California moving. More than the road workers, we are California’s transportation infrastructure; established in 1895, Caltrans has been active in moving the people and commerce of California and continues to model the way in innovative transportation systems. Caltrans specializes in many areas related to transportation: Engineering, Environmental Analysis, Information Technology, Maintenance, Equipment, Transportation Planning, Land Surveys, Right of Way, Finance, Traffic Operations, Aeronautics, Legal, and Administration It is our commitment to the residents of California that keeps us honest in our mission of providing a safe and reliable transportation network that serves all people and respects the environment.
Loading...
Caltrans Similar Companies
State of Tennessee
State government is the largest employer in Tennessee, with approximately 43,500 employees in the three branches of government. The State of Tennessee has approximately 1,300 different job classifications in areas such as administrative, health services, historic preservation, legal, agriculture, co
South African Revenue Service (SARS)
Its main functions are to: collect and administer all national taxes, duties and levies; collect revenue that may be imposed under any other legislation, as agreed on between SARS and an organ of state or institution entitled to the revenue; provide protection against the illegal importation
Transportation Security Administration (TSA)
The Transportation Security Administration (TSA) is a component agency of the U.S. Department of Homeland Security (DHS), committed to securing the nation’s transportation systems to ensure safe and efficient travel for all. Our mission is to protect the American people by preventing threats and dis
Västra Götalandsregionen
Region Västra Götaland is governed by democratically elected politicians and with just over 50,000 employees is one of Sweden’s biggest employers. It is tasked with offering good healthcare and dental care and providing the prerequisites for good public health, a rich cultural life, a good enviro
State of Michigan
Every day the contributions and achievements of State of Michigan employees have a direct impact on over 10 million Michiganders across the state. If you're looking for a fulfilling career in state government that can make a real difference in the lives of others, you can find your place working wit
State of Missouri
Build the Missouri of tomorrow. Ensure a strong foundation today. Join a group of innovative team members focused on driving the State of Missouri forward. As public servants, our team members have the opportunity to produce work that is both lasting and important. This work serves to protect famil
Ontario Government | Gouvernement de l’Ontario
Ontario Government | Gouvernement de l’Ontario The Ontario Government works to serve the public interest and uphold the public trust by providing Ministers with objective advice and expert guidance. The Ontario Public Service carries out the decisions and policies of the elected government with int
City of Framingham
OVERVIEW Framingham was incorporated as a town on June 25, 1700. Chapter 143 of the Acts of 1949 established the Town of Framingham Representative Town Government by Limited Town Meetings. The Citizens of Framingham adopted the Home Rule Charter for the City of Framingham at an election held on Ap
County of Santa Clara
The County of Santa Clara is located at the southern end of the San Francisco Bay and encompasses 1,312 square miles. It has one of the highest median family incomes in the country, and a wide diversity of cultures, backgrounds and talents. The County of Santa Clara continues to attract people fro
.png)
Caltrans CyberSecurity News
August 19, 2025 07:00 AM
CDT, Caltrans and EDD Seek High-Level IT Talent
The departments recently posted job descriptions for a chief information security and privacy officer; a statewide technology, policy and...
April 25, 2025 07:00 AM
How Chief Technology Officers are Transforming Transportation Agencies
Transportation agency chief technology officers (CTOs) are at the forefront of digital transformation in transportation.
April 18, 2025 07:00 AM
Article | Just one-tenth of key Caltrans permits approved, four years after ‘Internet for All’ promise
SACRAMENTO, California — California's Transportation Department said Friday it has approved less than 10 percent of key permits needed for...
April 17, 2025 07:00 AM
CIO Academy Recognizes Leaders, IT Teams
At this week's event, held Tuesday and Wednesday in Sacramento and presented by Government Technology, the CIO Academy honored dozens in...
March 11, 2025 12:45 PM
California awards $300M in federal funding for safer roadways
California said it will invest early $300 million in federal funding on 288 traffic safety projects across the state. The funding, part of the federal...
December 27, 2024 08:00 AM
Cal OES announces $22.6 million in cybersecurity grants to 113 state, local and tribal governments
Aiming to enhance the state's resilience against cyber threats, the California Governor's Office of Emergency Services (Cal OES) today...
September 27, 2024 07:00 AM
Article | Newsom signs bill to prioritize non-driving infrastructure on state highways
Gov. Gavin Newsom signed a bill Friday that requires California transportation officials to strengthen their rules for building crosswalks,...
August 20, 2024 07:00 AM
IT Leaders, State Projects Recognized as ‘Best of California’ for 2024
The Best of California Awards, presented during the California Government Innovation Summit, acknowledge high-achieving state IT officials and significant...
May 11, 2024 07:00 AM
Caltrans Seeks to Harness the Power of GenAI to Improve Safety and Traffic Congestion Across California
WHAT YOU NEED TO KNOW: Caltrans has awarded the first GenAI vendor contracts in California history, testing innovative solutions to protect...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Caltrans CyberSecurity History Information
Official Website of Caltrans
The official website of Caltrans is http://www.dot.ca.gov/.
Caltrans’s AI-Generated Cybersecurity Score
According to Rankiteo, Caltrans’s AI-generated cybersecurity score is 781, reflecting their Fair security posture.
How many security badges does Caltrans’ have ?
According to Rankiteo, Caltrans currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Caltrans have SOC 2 Type 1 certification ?
According to Rankiteo, Caltrans is not certified under SOC 2 Type 1.
Does Caltrans have SOC 2 Type 2 certification ?
According to Rankiteo, Caltrans does not hold a SOC 2 Type 2 certification.
Does Caltrans comply with GDPR ?
According to Rankiteo, Caltrans is not listed as GDPR compliant.
Does Caltrans have PCI DSS certification ?
According to Rankiteo, Caltrans does not currently maintain PCI DSS compliance.
Does Caltrans comply with HIPAA ?
According to Rankiteo, Caltrans is not compliant with HIPAA regulations.
Does Caltrans have ISO 27001 certification ?
According to Rankiteo,Caltrans is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Caltrans
Caltrans operates primarily in the Government Administration industry.
Number of Employees at Caltrans
Caltrans employs approximately 12,475 people worldwide.
Subsidiaries Owned by Caltrans
Caltrans presently has no subsidiaries across any sectors.
Caltrans’s LinkedIn Followers
Caltrans’s official LinkedIn profile has approximately 101,001 followers.
NAICS Classification of Caltrans
Caltrans is classified under the NAICS code 92, which corresponds to Public Administration.
Caltrans’s Presence on Crunchbase
No, Caltrans does not have a profile on Crunchbase.
Caltrans’s Presence on LinkedIn
Yes, Caltrans maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/caltrans.
Cybersecurity Incidents Involving Caltrans
As of December 09, 2025, Rankiteo reports that Caltrans has experienced 31 cybersecurity incidents.
Number of Peer and Competitor Companies
Caltrans has an estimated 11,445 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Caltrans ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak, Ransomware and Breach.
How does Caltrans detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an recovery measures with dedicated call center set up to help affected individuals, and containment measures with steps were taken right away to fix the access issue, and remediation measures with corrective actions implemented, and remediation measures with issuing new beneficiary identification cards, and communication strategy with informing affected parties, and third party assistance with international business machines (ibm), third party assistance with iron mountain inc., and communication strategy with notification letter with recommendations for identity theft protection, and recovery measures with credit monitoring services offered to affected individuals, and communication strategy with public disclosure on 2012-05-11, and communication strategy with public disclosure on march 17, 2021..
Incident Details
Can you provide details on each incident ?
Title: California Department of Public Health Data Breach
Description: The sensitive medical information of citizens of California was exposed by a misconfigured database managed by the California Department of Public Health. The misconfiguration resulted from an error made by a third-party contractor and led to the breach of names, dates of birth, addresses, and Covid-19-related health information of the citizens. The department set up a dedicated call center to help out the people of California affected by the breach.
Type: Data Breach
Attack Vector: Misconfigured Database
Vulnerability Exploited: Error by a third-party contractor
Title: California Department of Justice Firearms Dashboard Portal Data Leak
Description: The California Department of Justice’s 2022 Firearms Dashboard Portal accidentally went live with publicly-accessible files that include identifying information of California gun owners. The leaked information included the person’s full name, race, home address, date of birth, and date their permit was issued. The investigation revealed that the leaked files included home addresses, full names, and dates of birth for all seven custodial officers, 63 people with a place of employment permit, and 420 reserve officers. However, the leaked information was soon removed by the department.
Type: Data Leak
Title: Ransomware Attack on California Finance Department
Description: The Finance Department for the state of California was targeted by Lockbit, a Russian-linked ransomware group. The group threatened to leak stolen data if ransom demands weren't met by December 24. The hackers published details of the stolen data, including 246,000 files and 114,000 folders totaling 75.3GB. An initial access broker was offering access to the department's cyber defenses for $30,000 per breached server.
Type: Ransomware
Threat Actor: Lockbit
Motivation: Financial
Title: California DMV Data Breach
Description: Seven government agencies now have access to some drivers' Social Security numbers thanks to a data breach at the California Department of Motor Vehicles.
Type: Data Breach
Title: California Department of Social Services Data Breach
Description: A document containing personal information, including names and Social Security numbers, was emailed to a personal account by an employee.
Date Detected: 2023-02-16
Date Publicly Disclosed: 2023-02-16
Type: Data Breach
Attack Vector: Email
Vulnerability Exploited: Human Error
Threat Actor: Internal Employee
Motivation: Accidental
Title: California Department of Social Services Data Breach
Description: The California Department of Social Services (CDSS) reported a data breach involving unauthorized release of personal information on July 17, 2014. The breach, which occurred on July 16, 2014, involved accidentally discarded confidential documents that may have contained names, mailing addresses, dates of birth, and Social Security numbers. The number of individuals affected is currently unknown.
Date Detected: 2014-07-17
Date Publicly Disclosed: 2014-07-17
Type: Data Breach
Attack Vector: Accidental Discard of Confidential Documents
Title: CA DMV Data Breach
Description: The California Department of Motor Vehicles (CA DMV) reported a data breach on November 6, 2015, involving an erroneous disclosure of personal information on September 28, 2015. The breach affected the Riverside Probation Department and involved the accidental transmission of names, dates of birth, physical descriptions, and driver license numbers, but did not include Social Security Numbers.
Date Detected: 2015-11-06
Date Publicly Disclosed: 2015-11-06
Type: Data Breach
Attack Vector: Erroneous Disclosure
Title: California DHCS Data Breach
Description: The California Department of Health Care Services (DHCS) reported a data breach involving the erroneous mailing of Beneficiary Identification Cards (BIC) due to a computer programming error.
Date Detected: 2012-12-21
Date Resolved: 2013-01-01
Type: Data Breach
Attack Vector: Computer Programming Error
Vulnerability Exploited: Computer Programming Error
Title: California Department of Child Support Services Data Breach
Description: The California Department of Child Support Services reported a data breach involving missing storage devices that potentially contained personal information of parents, caregivers, and children.
Date Detected: 2012-03-29
Type: Data Breach
Attack Vector: Physical Theft/Loss
Title: Data Breach at California Department of Child Support Services
Description: An employee sent an email to their personal account containing personal information, including individuals' names, IRS Tax Intercept amounts, and IRS collection sources.
Date Detected: 2022-09-13
Date Publicly Disclosed: 2022-09-13
Type: Data Breach
Attack Vector: Email
Vulnerability Exploited: Human Error
Threat Actor: Internal Employee
Title: Data Breach at California Department of Public Health
Description: Theft of documents and a laptop from a contractor's vehicle, potentially exposing personal and health information.
Date Detected: 2018-05-23
Date Publicly Disclosed: 2018-05-23
Type: Data Breach
Attack Vector: Physical Theft
Title: California Department of Justice Email Breach
Description: Hackers affiliated with Anonymous accessed private email accounts of a retired agent from the Computer and Technology Crime High-Tech Response Team (CATCH) in November 2011.
Date Detected: 2011-11-01
Date Publicly Disclosed: 2012-05-11
Type: Data Breach
Attack Vector: Email Compromise
Threat Actor: Anonymous
Title: Data Breach at California Department of Health Care Services
Description: The California Department of Health Care Services (DHCS) reported a data breach on March 20, 2023, related to a security incident involving a subcontractor, Advanced Image Direct (AID), that occurred on January 12, 2023. The breach potentially exposed personal information, including names, addresses, county case numbers, dates of birth, and the last four digits of Social Security Numbers (SSNs). Approximately 1,500 individuals are reported to have been affected.
Date Detected: 2023-01-12
Date Publicly Disclosed: 2023-03-20
Type: Data Breach
Title: Data Breach at California Department of Rehabilitation
Description: The California Office of the Attorney General reported a data breach involving the Department of Rehabilitation on December 7, 2017. The breach occurred on November 22, 2017, when a file containing personal information, specifically names and social security numbers, was inadvertently emailed without encryption to an outside entity. The number of individuals affected is currently unknown.
Date Detected: 2017-11-22
Date Publicly Disclosed: 2017-12-07
Type: Data Breach
Attack Vector: Email
Vulnerability Exploited: Unencrypted Email
Title: California Department of Social Services Data Breach
Description: The California Department of Social Services (CDSS) reported a data breach involving the Sun Bucks Program on October 3, 2024. The breach, which involved unauthorized access to case information in the ebtEDGE Web Admin platform, was discovered on July 19, 2024, and affected personal information including children's names, addresses, dates of birth, card numbers, and EBT account numbers. The number of individuals affected is not specified.
Date Detected: 2024-07-19
Date Publicly Disclosed: 2024-10-03
Type: Data Breach
Attack Vector: Unauthorized Access
Title: California Department of State Hospitals Data Breach
Description: A data breach involving improper access to personal information was reported by the California Department of State Hospitals.
Date Detected: 2021-04-13
Date Publicly Disclosed: 2021-05-11
Type: Data Breach
Title: California Department of State Hospitals Data Breach
Description: Unauthorized disclosure of Social Security Numbers and other personal information of employees due to a security incident.
Date Detected: 2013-05-08
Date Publicly Disclosed: 2013-05-24
Type: Data Breach
Title: California DHCS Privacy Incident
Description: The California Department of Health Care Services (DHCS) reported a privacy incident on December 5, 2012, involving the exposure of Social Security numbers (SSNs) of In-Home Supportive Services (IHSS) providers. The breach occurred on November 5, 2012, when lists of Medi-Cal providers were posted online, inadvertently including an SSN in a non-standard format. The number of affected individuals is unknown.
Date Detected: 2012-11-05
Date Publicly Disclosed: 2012-12-05
Type: Data Breach
Attack Vector: Inadvertent Exposure
Vulnerability Exploited: Data Handling Error
Title: California Department of Public Health Data Breach
Description: The California Department of Public Health (CDPH) reported a data breach on May 8, 2013, involving a roll of microfiche containing approximately 2,000 birth records from 1974 found at an unsecure non-State location. The affected records include names, addresses, Social Security numbers, and some medical information, potentially impacting around 6,000 individuals born in specific months and counties in California.
Date Detected: 2013-05-08
Date Publicly Disclosed: 2013-05-08
Type: Data Breach
Title: California Department of Social Services Data Breach
Description: An email containing personal information, including names and Social Security numbers (SSN), was sent to unauthorized individuals.
Date Detected: 2022-08-19
Date Publicly Disclosed: 2022-08-19
Type: Data Breach
Attack Vector: Email
Title: California Department of Public Health Data Breach
Description: The California Department of Public Health reported a data breach involving the theft of a survey binder containing personal and medical information after it was left in an unattended vehicle.
Date Detected: 2012-05-08
Type: Data Breach
Attack Vector: Physical Theft
Vulnerability Exploited: Unattended Vehicle
Title: Potential Disclosure of Personal Information by California Department of Child Support Services
Description: The California Department of Child Support Services reported a potential disclosure of personal information on May 6, 2014. The breach occurred on April 7, 2014, when letters from the Solano County Department of Child Support Services were misplaced during transport. The exact number of individuals affected is unknown, and the types of information compromised are not specified.
Date Detected: 2014-05-06
Date Publicly Disclosed: 2014-05-06
Type: Data Breach
Attack Vector: Physical Theft/Loss
Title: Data Breach at Department of State Hospitals
Description: The California Office of the Attorney General reported a data breach involving the Department of State Hospitals (DSH) on February 28, 2024. The breach, discovered on February 15, 2024, involved the unauthorized dissemination of Leave and Activity Balance reports containing confidential information, including full social security numbers and names. Approximately 1,000 individuals were affected by this incident.
Date Detected: 2024-02-15
Date Publicly Disclosed: 2024-02-28
Type: Data Breach
Attack Vector: Unauthorized Dissemination
Title: California Department of State Hospitals – Coalinga Data Breach
Description: The California Department of State Hospitals – Coalinga reported a data breach involving unauthorized disclosure of patient information to the United States District Court.
Date Detected: 2021-09-03
Date Publicly Disclosed: 2021-09-03
Type: Data Breach
Attack Vector: Unauthorized Disclosure
Title: California Department of Child Support Services Data Breach
Description: The California Department of Child Support Services reported a data breach that occurred on January 14, 2025, involving the inadvertent emailing of personal information to a personal email account. The breach affected individuals' first names, last names, dates of birth, addresses, driver’s license numbers, and social security numbers.
Date Detected: 2025-01-14
Type: Data Breach
Attack Vector: Inadvertent Email
Title: California Department of State Hospitals Data Breach
Description: The California Department of State Hospitals reported a data breach on April 5, 2021, involving improper access to personal information of approximately 1,735 employees and former employees, as well as 1,217 job applicants. The breach was discovered during an investigation initiated on February 25, 2021, with no evidence of misuse of the compromised information.
Date Detected: 2021-02-25
Date Publicly Disclosed: 2021-04-05
Type: Data Breach
Title: California Department of Public Health WIC Program Data Breach
Description: The California Department of Public Health reported a data breach involving the Women, Infants, and Children (WIC) Program on September 26, 2013. The breach occurred on August 20, 2013, when a Madera County WIC employee mistakenly disclosed personal and medical information, including names and expected delivery dates, to another participant. The number of individuals affected is unknown.
Date Detected: 2013-08-20
Date Publicly Disclosed: 2013-09-26
Type: Data Breach
Attack Vector: Human Error
Vulnerability Exploited: Mistaken Disclosure
Threat Actor: Internal Employee
Motivation: Accidental
Title: California Department of Rehabilitation Data Breach (2019)
Description: The California Office of the Attorney General reported that the Department of Rehabilitation experienced a data breach involving a spreadsheet that included employee names and Social Security numbers. Approximately 12 individuals were affected, and the Department offered credit monitoring services to those impacted.
Date Detected: 2019-01-09
Date Publicly Disclosed: 2019-01-25
Type: Data Breach
Title: California Department of Social Services IHSS Data Breach (2012)
Description: The California Department of Social Services reported a security incident involving personal information relating to the In Home Supportive Services program (IHSS). The breach occurred during transit when a package containing personal information was damaged, with some contents determined missing. The number of individuals affected and specific types of information compromised are unknown.
Date Detected: 2012-05-11
Date Publicly Disclosed: 2012-05-11
Type: Data Breach (Physical Loss/Theft)
Attack Vector: Physical Theft/Loss During Transit
Title: California Department of Justice CCW Permit Data Breach
Description: The California Department of Justice reported a data breach involving the unauthorized release of personal information primarily related to individuals with concealed carry weapons (CCW) permits. Exposed data included names, dates of birth, addresses, and CCW license numbers, affecting approximately 100 individuals.
Date Detected: 2022-06-27
Date Publicly Disclosed: 2022-06-27
Type: Data Breach
Title: California Department of State Hospitals Data Breach (2021)
Description: The California Department of State Hospitals reported a data breach involving improper access to patient and employee data. The breach affected approximately 1,415 patients and 617 employees, potentially exposing COVID-19 test results and health information but no Social Security numbers or financial information. The breach occurred over multiple dates between November 6, 2020, and February 5, 2021, and was identified on February 25, 2021.
Date Detected: 2021-02-25
Date Publicly Disclosed: 2021-03-17
Type: Data Breach (Unauthorized Access)
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Email.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach CAL184124422
Data Compromised: Names, Dates of birth, Addresses, Covid-19-related health information
Incident : Data Leak CAL234911022
Data Compromised: Full name, Race, Home address, Date of birth, Date their permit was issued
Incident : Ransomware CAL2251141222
Data Compromised: 246,000 files and 114,000 folders totaling 75.3GB
Incident : Data Breach CAL9230423
Data Compromised: Social security numbers
Incident : Data Breach CAL601072525
Data Compromised: Names, Social security numbers
Incident : Data Breach CAL733072525
Data Compromised: Names, Mailing addresses, Dates of birth, Social security numbers
Incident : Data Breach CAD846072525
Data Compromised: Names, Dates of birth, Physical descriptions, Driver license numbers
Incident : Data Breach CAL011072625
Data Compromised: Names, Client index numbers, Dates of birth, Genders
Incident : Data Breach CAL152072625
Data Compromised: Names, Addresses, Social security numbers, Health insurance details
Incident : Data Breach CAL518072625
Data Compromised: Individuals' names, Irs tax intercept amounts, Irs collection sources
Incident : Data Breach CAL543072625
Data Compromised: Names, Social security numbers, Health insurance information
Incident : Data Breach CAL619072625
Data Compromised: Names, Financial account information
Incident : Data Breach CAL416072625
Data Compromised: Names, Addresses, County case numbers, Dates of birth, Last four digits of ssns
Incident : Data Breach CAL739072625
Data Compromised: Names, Social security numbers
Incident : Data Breach CAL854072625
Data Compromised: Children's names, Addresses, Dates of birth, Card numbers, Ebt account numbers
Systems Affected: ebtEDGE Web Admin platform
Incident : Data Breach CAD921072625
Data Compromised: Patient names, Covid-19 test results, Health information, Personal information of employees and job applicants
Incident : Data Breach CAD211072725
Data Compromised: Social security numbers, Other personal information
Identity Theft Risk: High
Incident : Data Breach CAL732072725
Data Compromised: Social security numbers
Incident : Data Breach CAL902072725
Data Compromised: Names, Addresses, Social security numbers, Medical information
Incident : Data Breach CAL455072725
Data Compromised: Names, Social security numbers (ssn)
Incident : Data Breach CAL510072725
Data Compromised: Name, Date of birth, Age, Medications, Room number, Medical record number
Incident : Data Breach CAD531072825
Data Compromised: Full social security numbers, Names
Incident : Data Breach CAD749072825
Data Compromised: Names, Case numbers, Birth dates, Legal commitments, Admission dates, Unit numbers, Genders
Incident : Data Breach CAL036072925
Data Compromised: First names, Last names, Dates of birth, Addresses, Driver’s license numbers, Social security numbers
Incident : Data Breach CAD531072925
Data Compromised: Personal information
Incident : Data Breach CAL104080425
Data Compromised: Personal information, Medical information
Incident : Data Breach CAL1017090725
Data Compromised: Employee names, Social security numbers
Identity Theft Risk: High (SSNs exposed)
Incident : Data Breach (Physical Loss/Theft) CAL949091725
Brand Reputation Impact: Potential (unknown scale)
Identity Theft Risk: Potential (unknown scale)
Incident : Data Breach CAL547091725
Data Compromised: Names, Dates of birth, Addresses, Ccw license numbers
Brand Reputation Impact: Potential reputational damage due to exposure of sensitive permit holder data
Identity Theft Risk: High (due to exposure of PII including names, DOBs, and addresses)
Incident : Data Breach (Unauthorized Access) CAD034091825
Data Compromised: Covid-19 test results, Health information
Identity Theft Risk: Low (no SSNs or financial data exposed)
Payment Information Risk: None
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Dates Of Birth, Addresses, Covid-19-Related Health Information, , Full Name, Race, Home Address, Date Of Birth, Date Their Permit Was Issued, , Social Security numbers, Personal Information, , Names, Mailing Addresses, Dates Of Birth, Social Security Numbers, , Names, Dates Of Birth, Physical Descriptions, Driver License Numbers, , Names, Client Index Numbers, Dates Of Birth, Genders, , Personal Information, , Individuals' Names, Irs Tax Intercept Amounts, Irs Collection Sources, , Personal Information, Health Information, , Names, Financial Account Information, , Names, Addresses, County Case Numbers, Dates Of Birth, Last Four Digits Of Ssns, , Names, Social Security Numbers, , Personal Information, , Patient Names, Covid-19 Test Results, Health Information, Personal Information Of Employees And Job Applicants, , Social Security Numbers, Other Personal Information, , Social Security numbers, Names, Addresses, Social Security Numbers, Medical Information, , Names, Social Security Numbers (Ssn), , Personal Information, Medical Information, , Full Social Security Numbers, Names, , Names, Case Numbers, Birth Dates, Legal Commitments, Admission Dates, Unit Numbers, Genders, , First Names, Last Names, Dates Of Birth, Addresses, Driver’S License Numbers, Social Security Numbers, , Personal Information, , Personal Information, Medical Information, , Personally Identifiable Information (Pii), , Personal Information (specific types unknown), Personally Identifiable Information (Pii), License/Permit Data, , Covid-19 Test Results, Health Information and .
Which entities were affected by each incident ?
Incident : Data Breach CAL184124422
Entity Name: California Department of Public Health
Entity Type: Government Agency
Industry: Healthcare
Location: California
Customers Affected: Citizens of California
Incident : Data Leak CAL234911022
Entity Name: California Department of Justice
Entity Type: Government
Industry: Public Administration
Location: California
Incident : Ransomware CAL2251141222
Entity Name: Finance Department for the state of California
Entity Type: Government
Industry: Public Administration
Location: California
Incident : Data Breach CAL9230423
Entity Name: California Department of Motor Vehicles
Entity Type: Government Agency
Industry: Government
Location: California, USA
Customers Affected: 3200
Incident : Data Breach CAL601072525
Entity Name: California Department of Social Services
Entity Type: Government Agency
Industry: Public Administration
Location: California, USA
Customers Affected: Unspecified number of individuals
Incident : Data Breach CAL733072525
Entity Name: California Department of Social Services
Entity Type: Government Agency
Industry: Public Sector
Location: California, USA
Incident : Data Breach CAD846072525
Entity Name: Riverside Probation Department
Entity Type: Government Agency
Industry: Law Enforcement
Location: Riverside, California
Incident : Data Breach CAL011072625
Entity Name: California Department of Health Care Services
Entity Type: Government Agency
Industry: Healthcare
Location: California, USA
Customers Affected: Unknown
Incident : Data Breach CAL152072625
Entity Name: California Department of Child Support Services
Entity Type: Government Agency
Industry: Public Administration
Location: California, USA
Incident : Data Breach CAL518072625
Entity Name: California Department of Child Support Services
Entity Type: Government Agency
Industry: Public Administration
Location: California, USA
Incident : Data Breach CAL543072625
Entity Name: California Department of Public Health
Entity Type: Government Agency
Industry: Healthcare
Location: California, USA
Incident : Data Breach CAL619072625
Entity Name: California Department of Justice
Entity Type: Government Agency
Industry: Law Enforcement
Location: California, USA
Incident : Data Breach CAL416072625
Entity Name: California Department of Health Care Services
Entity Type: Government Agency
Industry: Healthcare
Location: California, USA
Customers Affected: 1500
Incident : Data Breach CAL739072625
Entity Name: California Department of Rehabilitation
Entity Type: Government Agency
Industry: Public Administration
Location: California, USA
Incident : Data Breach CAL854072625
Entity Name: California Department of Social Services
Entity Type: Government Agency
Industry: Social Services
Location: California
Incident : Data Breach CAD921072625
Entity Name: California Department of State Hospitals
Entity Type: Government
Industry: Healthcare
Location: California
Customers Affected: 1,415 patients, 1,735 employees and job applicants
Incident : Data Breach CAD211072725
Entity Name: California Department of State Hospitals
Entity Type: Government
Industry: Healthcare
Location: California, USA
Incident : Data Breach CAL732072725
Entity Name: California Department of Health Care Services
Entity Type: Government Agency
Industry: Healthcare
Location: California, USA
Incident : Data Breach CAL902072725
Entity Name: California Department of Public Health
Entity Type: Government Agency
Industry: Healthcare
Location: California
Customers Affected: 6000
Incident : Data Breach CAL455072725
Entity Name: California Department of Social Services
Entity Type: Government Agency
Industry: Public Administration
Location: California, USA
Incident : Data Breach CAL510072725
Entity Name: California Department of Public Health
Entity Type: Government Agency
Industry: Healthcare
Location: California, USA
Customers Affected: 1
Incident : Data Breach CAL540072725
Entity Name: California Department of Child Support Services
Entity Type: Government Agency
Industry: Public Administration
Location: California, USA
Incident : Data Breach CAD531072825
Entity Name: Department of State Hospitals
Entity Type: Government Agency
Industry: Healthcare
Location: California
Customers Affected: 1000
Incident : Data Breach CAD749072825
Entity Name: California Department of State Hospitals – Coalinga
Entity Type: Government
Industry: Healthcare
Location: Coalinga, California
Incident : Data Breach CAL036072925
Entity Name: California Department of Child Support Services
Entity Type: Government Agency
Industry: Public Administration
Location: California, USA
Incident : Data Breach CAD531072925
Entity Name: California Department of State Hospitals
Entity Type: Government
Industry: Healthcare
Location: California, USA
Incident : Data Breach CAL104080425
Entity Name: California Department of Public Health
Entity Type: Government Agency
Industry: Healthcare
Location: California, USA
Incident : Data Breach CAL1017090725
Entity Name: California Department of Rehabilitation
Entity Type: Government Agency
Industry: Public Administration / Social Services
Location: California, USA
Customers Affected: 12 (employees)
Incident : Data Breach (Physical Loss/Theft) CAL949091725
Entity Name: California Department of Social Services
Entity Type: Government Agency
Industry: Public Administration / Social Services
Location: California, USA
Customers Affected: Unknown (In Home Supportive Services program participants)
Incident : Data Breach CAL547091725
Entity Name: California Department of Justice
Entity Type: Government Agency
Industry: Law Enforcement / Public Safety
Location: California, USA
Customers Affected: 100
Incident : Data Breach (Unauthorized Access) CAD034091825
Entity Name: California Department of State Hospitals
Entity Type: Government Agency
Industry: Healthcare
Location: California, USA
Customers Affected: 2032
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach CAL184124422
Recovery Measures: Dedicated call center set up to help affected individuals
Incident : Data Breach CAL9230423
Containment Measures: Steps were taken right away to fix the access issue
Incident : Data Breach CAL601072525
Remediation Measures: Corrective actions implemented
Incident : Data Breach CAL011072625
Remediation Measures: Issuing new Beneficiary Identification Cards
Communication Strategy: Informing affected parties
Incident : Data Breach CAL152072625
Third Party Assistance: International Business Machines (Ibm), Iron Mountain Inc..
Incident : Data Breach CAD211072725
Communication Strategy: Notification letter with recommendations for identity theft protection
Incident : Data Breach CAL1017090725
Recovery Measures: Credit monitoring services offered to affected individuals
Incident : Data Breach (Physical Loss/Theft) CAL949091725
Communication Strategy: Public disclosure on 2012-05-11
Incident : Data Breach (Unauthorized Access) CAD034091825
Communication Strategy: Public disclosure on March 17, 2021
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through International Business Machines (IBM), Iron Mountain Inc., .
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach CAL184124422
Type of Data Compromised: Names, Dates of birth, Addresses, Covid-19-related health information
Sensitivity of Data: High
Personally Identifiable Information: Yes
Incident : Data Leak CAL234911022
Type of Data Compromised: Full name, Race, Home address, Date of birth, Date their permit was issued
Sensitivity of Data: High
Incident : Ransomware CAL2251141222
Number of Records Exposed: 246,000 files and 114,000 folders
Data Exfiltration: Yes
Incident : Data Breach CAL9230423
Type of Data Compromised: Social Security numbers
Number of Records Exposed: 3200
Sensitivity of Data: High
Personally Identifiable Information: Social Security numbers
Incident : Data Breach CAL601072525
Type of Data Compromised: Personal information
Number of Records Exposed: Unspecified
Sensitivity of Data: High
Personally Identifiable Information: NamesSocial Security numbers
Incident : Data Breach CAL733072525
Type of Data Compromised: Names, Mailing addresses, Dates of birth, Social security numbers
Sensitivity of Data: High
Incident : Data Breach CAD846072525
Type of Data Compromised: Names, Dates of birth, Physical descriptions, Driver license numbers
Sensitivity of Data: High
Incident : Data Breach CAL011072625
Type of Data Compromised: Names, Client index numbers, Dates of birth, Genders
Number of Records Exposed: Unknown
Personally Identifiable Information: namesClient Index Numbersdates of birthgenders
Incident : Data Breach CAL152072625
Type of Data Compromised: Personal information
Sensitivity of Data: High
Personally Identifiable Information: namesaddressesSocial Security numbershealth insurance details
Incident : Data Breach CAL518072625
Type of Data Compromised: Individuals' names, Irs tax intercept amounts, Irs collection sources
Sensitivity of Data: High
Incident : Data Breach CAL543072625
Type of Data Compromised: Personal information, Health information
Sensitivity of Data: High
Incident : Data Breach CAL619072625
Type of Data Compromised: Names, Financial account information
Incident : Data Breach CAL416072625
Type of Data Compromised: Names, Addresses, County case numbers, Dates of birth, Last four digits of ssns
Number of Records Exposed: 1500
Sensitivity of Data: High
Incident : Data Breach CAL739072625
Type of Data Compromised: Names, Social security numbers
Sensitivity of Data: High
Data Encryption: No
Personally Identifiable Information: Yes
Incident : Data Breach CAL854072625
Type of Data Compromised: Personal information
Sensitivity of Data: High
Personally Identifiable Information: children's namesaddressesdates of birthcard numbersEBT account numbers
Incident : Data Breach CAD921072625
Type of Data Compromised: Patient names, Covid-19 test results, Health information, Personal information of employees and job applicants
Number of Records Exposed: 1,415 patient records, 1,735 employee and job applicant records
Incident : Data Breach CAD211072725
Type of Data Compromised: Social security numbers, Other personal information
Sensitivity of Data: High
Personally Identifiable Information: Yes
Incident : Data Breach CAL732072725
Type of Data Compromised: Social Security numbers
Sensitivity of Data: High
Personally Identifiable Information: Social Security numbers
Incident : Data Breach CAL902072725
Type of Data Compromised: Names, Addresses, Social security numbers, Medical information
Number of Records Exposed: 2000
Sensitivity of Data: High
File Types Exposed: Microfiche
Incident : Data Breach CAL455072725
Type of Data Compromised: Names, Social security numbers (ssn)
Sensitivity of Data: High
Incident : Data Breach CAL510072725
Type of Data Compromised: Personal information, Medical information
Number of Records Exposed: 1
Sensitivity of Data: High
Personally Identifiable Information: namedate of birthagemedicationsroom numbermedical record number
Incident : Data Breach CAD531072825
Type of Data Compromised: Full social security numbers, Names
Number of Records Exposed: 1000
Sensitivity of Data: High
Personally Identifiable Information: Full Social Security NumbersNames
Incident : Data Breach CAD749072825
Type of Data Compromised: Names, Case numbers, Birth dates, Legal commitments, Admission dates, Unit numbers, Genders
Sensitivity of Data: Medium
Incident : Data Breach CAL036072925
Type of Data Compromised: First names, Last names, Dates of birth, Addresses, Driver’s license numbers, Social security numbers
Sensitivity of Data: High
Incident : Data Breach CAD531072925
Type of Data Compromised: Personal information
Number of Records Exposed: 2952
Incident : Data Breach CAL104080425
Type of Data Compromised: Personal information, Medical information
Sensitivity of Data: High
Personally Identifiable Information: NamesExpected Delivery Dates
Incident : Data Breach CAL1017090725
Type of Data Compromised: Personally identifiable information (pii)
Number of Records Exposed: 12
Sensitivity of Data: High (includes SSNs)
File Types Exposed: Spreadsheet
Personally Identifiable Information: NamesSocial Security numbers
Incident : Data Breach (Physical Loss/Theft) CAL949091725
Type of Data Compromised: Personal Information (specific types unknown)
Number of Records Exposed: Unknown
Sensitivity of Data: High (personal information)
Incident : Data Breach CAL547091725
Type of Data Compromised: Personally identifiable information (pii), License/permit data
Number of Records Exposed: 100
Sensitivity of Data: High (includes names, DOBs, addresses, and CCW license numbers)
Data Exfiltration: Yes (unauthorized release)
Personally Identifiable Information: Full NamesDates of BirthPhysical AddressesCCW License Numbers
Incident : Data Breach (Unauthorized Access) CAD034091825
Type of Data Compromised: Covid-19 test results, Health information
Number of Records Exposed: 2032
Sensitivity of Data: Moderate (health data, no SSNs/financial info)
Personally Identifiable Information: Partial (health data, no SSNs)
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Corrective actions implemented, , Issuing new Beneficiary Identification Cards, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by steps were taken right away to fix the access issue and .
Ransomware Information
Was ransomware involved in any of the incidents ?
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Dedicated call center set up to help affected individuals, Credit monitoring services offered to affected individuals.
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach CAL1017090725
Regulatory Notifications: Reported to the California Office of the Attorney General
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : Data Breach CAD211072725
Recommendations: Identity theft protection measures
What recommendations has the company implemented to improve cybersecurity ?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Identity theft protection measures.
References
Where can I find more information about each incident ?
Incident : Data Breach CAL601072525
Source: California Department of Social Services
Date Accessed: 2023-02-16
Incident : Data Breach CAL733072525
Source: California Department of Social Services
Date Accessed: 2014-07-17
Incident : Data Breach CAL518072625
Source: California Office of the Attorney General
Date Accessed: 2022-09-13
Incident : Data Breach CAL543072625
Source: California Department of Public Health
Date Accessed: 2018-05-23
Incident : Data Breach CAL619072625
Source: California Department of Justice
Date Accessed: 2012-05-11
Incident : Data Breach CAL416072625
Source: California Department of Health Care Services
Incident : Data Breach CAL739072625
Source: California Office of the Attorney General
Date Accessed: 2017-12-07
Incident : Data Breach CAD921072625
Source: California Department of State Hospitals
Incident : Data Breach CAD211072725
Source: Notification letter
Incident : Data Breach CAL540072725
Source: California Department of Child Support Services
Incident : Data Breach CAD531072825
Source: California Office of the Attorney General
Date Accessed: 2024-02-28
Incident : Data Breach CAD749072825
Source: California Department of State Hospitals – Coalinga
Date Accessed: 2021-09-03
Incident : Data Breach CAD531072925
Source: California Department of State Hospitals
Incident : Data Breach CAL104080425
Source: California Department of Public Health
Incident : Data Breach CAL1017090725
Source: California Office of the Attorney General
Date Accessed: 2019-01-25
Incident : Data Breach (Physical Loss/Theft) CAL949091725
Source: California Department of Social Services Public Statement
Date Accessed: 2012-05-11
Incident : Data Breach CAL547091725
Source: California Department of Justice Public Disclosure
Date Accessed: 2022-06-27
Incident : Data Breach (Unauthorized Access) CAD034091825
Source: California Department of State Hospitals Breach Notice
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Department of Social ServicesDate Accessed: 2023-02-16, and Source: California Department of Social ServicesDate Accessed: 2014-07-17, and Source: CA DMV Data Breach ReportDate Accessed: 2015-11-06, and Source: California Office of the Attorney GeneralDate Accessed: 2022-09-13, and Source: California Department of Public HealthDate Accessed: 2018-05-23, and Source: California Department of JusticeDate Accessed: 2012-05-11, and Source: California Department of Health Care Services, and Source: California Office of the Attorney GeneralDate Accessed: 2017-12-07, and Source: California Department of State Hospitals, and Source: Notification letter, and Source: California Department of Child Support Services, and Source: California Office of the Attorney GeneralDate Accessed: 2024-02-28, and Source: California Department of State Hospitals – CoalingaDate Accessed: 2021-09-03, and Source: California Department of State Hospitals, and Source: California Department of Public Health, and Source: California Office of the Attorney GeneralDate Accessed: 2019-01-25, and Source: California Department of Social Services Public StatementDate Accessed: 2012-05-11, and Source: California Department of Justice Public DisclosureDate Accessed: 2022-06-27, and Source: California Department of State Hospitals Breach Notice.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach (Physical Loss/Theft) CAL949091725
Investigation Status: Unknown (no follow-up details provided)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Informing Affected Parties, Notification letter with recommendations for identity theft protection, Public disclosure on 2012-05-11, Public disclosure on March 17 and 2021.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach CAL1017090725
Customer Advisories: Credit monitoring services offered to affected employees
Incident : Data Breach (Physical Loss/Theft) CAL949091725
Customer Advisories: Public notification issued to IHSS program participants (assumed)
Incident : Data Breach (Unauthorized Access) CAD034091825
Customer Advisories: Affected individuals were likely notified as part of regulatory requirements (e.g., HIPAA).
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Credit monitoring services offered to affected employees, Public notification issued to IHSS program participants (assumed), Affected individuals were likely notified as part of regulatory requirements (e.g. and HIPAA)..
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach CAL518072625
Entry Point: Email
Incident : Data Breach (Unauthorized Access) CAD034091825
High Value Targets: Patient Health Data, Employee Health Data,
Data Sold on Dark Web: Patient Health Data, Employee Health Data,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach CAL184124422
Root Causes: Misconfiguration by a third-party contractor
Incident : Data Breach CAL601072525
Root Causes: Human Error
Corrective Actions: Corrective actions implemented
Incident : Data Breach CAL011072625
Root Causes: Computer Programming Error
Corrective Actions: Issuing New Beneficiary Identification Cards,
Incident : Data Breach CAL518072625
Root Causes: Human Error
Incident : Data Breach CAL104080425
Root Causes: Human Error
Incident : Data Breach (Physical Loss/Theft) CAL949091725
Root Causes: Physical security failure during transit of sensitive documents
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as International Business Machines (Ibm), Iron Mountain Inc., .
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Corrective actions implemented, Issuing New Beneficiary Identification Cards, .
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Lockbit, Internal Employee, Internal Employee, Anonymous and Internal Employee.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-02-16.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2021-03-17.
What was the most recent incident resolved ?
Most Recent Incident Resolved: The most recent incident resolved was on 2013-01-01.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, dates of birth, addresses, Covid-19-related health information, , full name, race, home address, date of birth, date their permit was issued, , 246,000 files and 114,000 folders totaling 75.3GB, Social Security numbers, , Names, Social Security numbers, , names, mailing addresses, dates of birth, Social Security numbers, , Names, Dates of Birth, Physical Descriptions, Driver License Numbers, , names, Client Index Numbers, dates of birth, genders, , names, addresses, Social Security numbers, health insurance details, , Individuals' names, IRS Tax Intercept amounts, IRS collection sources, , names, Social Security numbers, health insurance information, , Names, Financial Account Information, , names, addresses, county case numbers, dates of birth, last four digits of SSNs, , Names, Social Security Numbers, , children's names, addresses, dates of birth, card numbers, EBT account numbers, , patient names, COVID-19 test results, health information, personal information of employees and job applicants, , Social Security Numbers, Other personal information, , Social Security numbers, , names, addresses, Social Security numbers, medical information, , Names, Social Security numbers (SSN), , name, date of birth, age, medications, room number, medical record number, , Full Social Security Numbers, Names, , names, case numbers, birth dates, legal commitments, admission dates, unit numbers, genders, , First Names, Last Names, Dates of Birth, Addresses, Driver’s License Numbers, Social Security Numbers, , Personal Information, , Personal Information, Medical Information, , Employee names, Social Security numbers, , , names, dates of birth, addresses, CCW license numbers, , COVID-19 test results, health information and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was ebtEDGE Web Admin platform.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was international business machines (ibm), iron mountain inc., .
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Steps were taken right away to fix the access issue.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Driver License Numbers, date of birth, Other personal information, IRS collection sources, name, legal commitments, Social Security numbers, addresses, Employee names, full name, health insurance details, room number, Individuals' names, Physical Descriptions, Covid-19-related health information, COVID-19 test results, health information, patient names, 246,000 files and 114,000 folders totaling 75.3GB, names, medical information, mailing addresses, CCW license numbers, dates of birth, case numbers, age, Addresses, admission dates, Full Social Security Numbers, First Names, county case numbers, Last Names, EBT account numbers, birth dates, Social Security Numbers, medical record number, Driver’s License Numbers, Personal Information, Dates of Birth, unit numbers, IRS Tax Intercept amounts, Medical Information, home address, Social Security numbers (SSN), personal information of employees and job applicants, health insurance information, Names, children's names, medications, race, Client Index Numbers, card numbers, last four digits of SSNs, date their permit was issued, Financial Account Information and genders.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 364.5K.
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Identity theft protection measures.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are California Department of State Hospitals, California Department of Justice Public Disclosure, California Department of Social Services, California Department of Health Care Services, California Department of Public Health, California Department of Child Support Services, California Office of the Attorney General, California Department of State Hospitals Breach Notice, CA DMV Data Breach Report, Notification letter, California Department of State Hospitals – Coalinga, California Department of Social Services Public Statement and California Department of Justice.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Unknown (no follow-up details provided).
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an Credit monitoring services offered to affected employees, Public notification issued to IHSS program participants (assumed), Affected individuals were likely notified as part of regulatory requirements (e.g. and HIPAA).
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Email.
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Misconfiguration by a third-party contractor, Human Error, Computer Programming Error, Human Error, Human Error, Physical security failure during transit of sensitive documents.
What was the most significant corrective action taken based on post-incident analysis ?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Corrective actions implemented, Issuing new Beneficiary Identification Cards.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior to 17.0.99.1763126988 and Tuleap Enterprise Edition prior to 17.0-3 and 16.13-8 have missing CSRF protections which allow attackers to create or remove tracker triggers. This issue is fixed in Tuleap Community Edition version 17.0.99.1763126988 and Tuleap Enterprise Edition versions 17.0-3 and 16.13-8.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/71d427b0f7ed8fa269a5ee6f7a557cf3dfc99cd4
- https://github.com/Enalean/tuleap/security/advisories/GHSA-f2xv-x3g6-4j9p
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=71d427b0f7ed8fa269a5ee6f7a557cf3dfc99cd4
- https://tuleap.net/plugins/tracker/?aid=45618
Description
Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon versions prior to 17.0.99.1762456922 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 are vulnerable to CSRF attacks through planning management API. Attackers have access to create, edit or remove plans. This issue is fixed in Tuleap Community Edition version 17.0.99.1762456922 and Tuleap Enterprise Edtion versions 17.0-2, 16.13-7 and 16.12-10.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/1734a7bb2964042310ddc3f6dd7b4c82eee27526
- https://github.com/Enalean/tuleap/security/advisories/GHSA-9h47-jg7r-ww7x
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=1734a7bb2964042310ddc3f6dd7b4c82eee27526
- https://tuleap.net/plugins/tracker/?aid=45592
Description
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attackers trick victims into changing tracker general settings. This issue is fixed in version Tuleap Community Edition version 17.0.99.1762444754 and Tuleap Enterprise Edition versions 17.0-2, 16.13-7 and 16.12-10.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/993316dd6a291bb3937cb7a4571eaab0e7d55370
- https://github.com/Enalean/tuleap/security/advisories/GHSA-vxfh-h8p6-p5rg
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=993316dd6a291bb3937cb7a4571eaab0e7d55370
- https://tuleap.net/plugins/tracker/?aid=45593
Description
Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not have access to. This issue is fixed in version 17.0.99.1762431347 of the Tuleap Community Edition and versions 17.0-2, 16.13-7 and 16.12-10 of Tuleap Enterprise Edition.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
- https://github.com/Enalean/tuleap/commit/403eb69f4cfafe52254c8f9bdbe66e1fedadc254
- https://github.com/Enalean/tuleap/security/advisories/GHSA-v6vm-6rxf-7p2v
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=403eb69f4cfafe52254c8f9bdbe66e1fedadc254
- https://tuleap.net/plugins/tracker/?aid=45583
Description
IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper allocation of resources without limits.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=caltrans' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
