On or about April 21, 2025, Grant County Public Utility District No. 2 (“Grant PUD”), reported a significant cybersecurity incident (the “Data Breach”) to the Washington State Attorney General’s Office. The Data Breach occurred when an unauthorized actor gained access to LSC’s computer systems on April 21, 2025. At least, 850 people were affected by the Data Breach.
Grant PUD is a public utility established in 1938 providing power and fiber service for Grant County, Washington. Grant PUD has over 40,000 customers in the residential, commercial, irrigation, and industrial sectors.
Grant PUD sent data breach notification letters to those affected and offered complimentary membership credit monitoring services for 7 years. If you received a Data Breach notification letter from Grant PUD, it confirms that your information was potentially impacted.
What information is involved in the Grant County Public Utility District NO. 2 (“Grant PUD”) Data Breach?
Compromised information may include:
Name
Social Security Number
Financial and Banking Information
Date of Birth
Other
Your Personally Identifiable Information (PII) includes details that can be used to identify you. It plays a key role in defining your identity. Organizations are legally obligated to safeguard this data, and failure to do so can result in statutory fines and other legal consequences. If PII is stolen, it may be exploited by criminals to commit identity fraud.
A specific category of PII is Protected Health Information (PHI), which pertains to personal medical data. PHI is safeguarded under both federal and state regulations. Entities such as healthcare providers and businesses that manage PHI must ensure its security. Just like PII, compromised PHI can be misused by identity thieves, and it’s common for cybercriminals to use both types of information together.
If your data has been exposed in a breach, one of the most effective steps you can take is to enroll in credit and identity monitoring services promptly.