Catholic Diocese of Cleveland Data Breach Exposes Unknown Number of SSNs and Other Sensitive Information | Console and partner, PC

On April 22, 2024, the Catholic Diocese of Cleveland filed a data breach complaint with the Montana Attorney General after discovering that an unauthorized person had accessed an employee's email account. In this notice, the Diocese of Cleveland states that the incident resulted in an unauthorized party gaining access to consumers' sensitive information, including names, dates of birth, social security numbers, tax identification numbers, financial account information, routing numbers, driver's license numbers, health insurance information and passport numbers. After completing the investigation, the Diocese of Cleveland began sending data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you have received a data breach notification from the Catholic Diocese of Cleveland, it is important that you understand what is at risk and what you can do about it. A data breach attorney can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft and discuss your legal options following a data breach in the Catholic Diocese of Cleveland. For more information, see our recent article on this topic Here.

What Caused the Data Breach in the Catholic Diocese of Cleveland?

The data breach in the Catholic Diocese of Cleveland was recently disclosed and more information is expected in the near future. However, the Diocese of Cleveland's filing with the Montana Attorney General provides some important information about what led to the violation. The Diocese of Cleveland also released a website notice discussing the incident.

According to these sources, on January 12, 2024, the Diocese of Cleveland discovered an information security incident after an unauthorized party was able to access an employee's email account. In response, the diocese secured its email environment and then launched an investigation with the help of outside cybersecurity experts.

Through this investigation, the Diocese of Cleveland determined that the email account was accessible to an unauthorized party between December 14, 2023 and January 12, 2024. It was also confirmed that the unauthorized party was able to access certain emails and attachments containing confidential consumer information.

After learning that sensitive consumer data was accessible to unauthorized parties, the Catholic Diocese of Cleveland reviewed the compromised files to determine what information was leaked and which consumers were affected. The Catholic Diocese of Cleveland completed this process on March 14, 2024. While the breached information varies from person to person, it may include your name, date of birth, social security number, financial account information, bank routing number, driver's license number, health insurance information, and passport number.

On April 22, 2024, the Catholic Diocese of Cleveland sent data breach letters to everyone affected by the recent data security incident. These letters should provide victims with a list of information belonging to them that was compromised.

More information about the Catholic Diocese of Cleveland

Founded in 1947, the Catholic Diocese of Cleveland is a religious organization serving residents of Cuyahoga, Summit, Lorain, Lake, Geauga, Medina, Wayne and Ashland counties. The diocese has over 613,000 members and is one of the largest diocesan social service systems in the world. Within the diocese there are 185 parishes, 108 Catholic schools, a pastoral center and a mission office.