SEIU Local 1000 state worker union hit by ransomware

SEIU Local 1000, California's largest state employee union representing nearly 96,000 workers, was targeted by a ransomware attack.

The event was initially reported as a "network disruption" on January 20, two days following the actual breach. The union has described the situation as a criminal cyber act and is cooperating with law enforcement in their investigation.

Despite an official acknowledgment of the breach through an open letter, specific details regarding the compromised data and the individuals affected remain unclear.

A screenshot of the hackers’ dark web site indicates that 308 gigabytes of data were stolen by the attackers. From the screenshots, the stolen data appears to include:

• social security numbers,
• residential addresses,
• phone numbers,
• birth dates
• other personal information.

The incident has raised concerns about the potential exposure of sensitive information, but there are no details about the number of impacted individuals. The exact law enforcement agencies involved and the extent of personal data compromise, either of employees or members, are yet to be determined.

Update - On June 7, 2024, the Union of California State Workers, also known as Local SEIU 1000 (“SEIU”), officially reported a data breach  as a result of an the ransomware attack. SEIU disclosed that this incident enabled unauthorized access to consumers' sensitive information. Following the completion of their investigation, SEIU began issuing data breach notification letters to all impacted individuals.

The specific types of data exposed have not been publicly disclosed by SEIU.