CLEVELAND — The Catholic Diocese of Cleveland says an "unauthorized party" accessed an employee email account that stored sensitive personal data.
The Diocese said in an announcement on its website that the employee's email account was accessed by the unauthorized individual between Dec. 14, 2023 and Jan. 12, 2024. On March 14, 2024, the Diocese discovered that the breach included personal information.
According to the Diocese, the information stored in the email account included full names and "one or more" of the following:
- Date of birth
- Social Security number
- Taxpayer identification number
- Financial account information and security code
- Routing number
- Driver's license number
- Health insurance information
- Passport number
The Diocese has not received any reports of identity fraud or the data being used improperly "as a direct result of this incident." It says it reached out to impacted individuals whose contact information they had on file about the breach on April 17 out of "an abundance of caution."
"Impacted individuals are encouraged to take steps to protect themselves against identity fraud, including placing a fraud alert/security freeze on their credit files, obtaining free credit reports, and remaining vigilant in reviewing financial account statements and credit reports for fraudulent or irregular activity on a regular basis," the Diocese said. "Individuals who may have had their Social Security number impacted are encouraged to enroll in complimentary credit monitoring services provided in the notification letter.
"We are committed to maintaining the privacy of personal information in its possession and has taken many precautions to safeguard it," the Diocese continued. "We continually evaluate and modify our practices and internal controls to enhance the security and privacy of personal information."
The Diocese set up a toll-free hotline for anyone who has questions about the breach at 866-528-9250. The response line is staffed Monday through Friday from 9 a.m. to 6 p.m. Eastern Time.
"This response line is staffed with professionals familiar with this incident and knowledgeable on what you can do to protect against misuse of your information," the Diocese said.
The Catholic Diocese of Cleveland provided a list of suggested actions and resources individuals utilize take if they are concerned about potential fraud on its website.