On or about June 2, 2025, Clark County, WA (“Clark County”), reported a significant cybersecurity incident (the “Data Breach”) to the Washington State Attorney General’s Office. The Data Breach occurred when an unauthorized actor gained access to Clark County’s computer systems between October 16, 2023 and October 21, 2023. Clark County took the network offline ensured the security of its systems, and launched an investigation into the nature and systems accessed and/or stole data on certain Clark County systems. At least, 58,168 people were affected by the Data Breach.
Clark County, located in southwestern Washington along the Columbia River and bordering Oregon, has an estimated 2025 population of approximately 529,976 residents.
Clark County sent data breach notification letters to those affected and provided individuals with information on how to place a fraud alert and security freeze on one’s credit file. If you received a Data Breach notification letter from Clark County, it confirms that your information was potentially impacted.
What information is involved in the Clark County, WA (“Clark County”) Data Breach?
Compromised information may include:
Name
Social Security Number
Driver’s License or State ID Card Number
Financial and Banking Information
Date of Birth
Passport Number
Health Insurance Policy or ID Number
Medical Information
Your Personally Identifiable Information (PII) includes details that can be used to identify you. It plays a key role in defining your identity. Organizations are legally obligated to safeguard this data, and failure to do so can result in statutory fines and other legal consequences. If PII is stolen, it may be exploited by criminals to commit identity fraud.
A specific category of PII is Protected Health Information (PHI), which pertains to personal medical data. PHI is safeguarded under both federal and state regulations. Entities such as healthcare providers and businesses that manage PHI must ensure its security. Just like PII, compromised PHI can be misused by identity thieves, and it’s common for cybercriminals to use both types of information together.
If your data has been exposed in a breach, one of the most effective steps you can take is to enroll in credit and identity monitoring services promptly.
If you received a NOTICE OF DATA BREACH letter from Clark County, your personal and financial information may be at risk. This type of data can be exploited by identity thieves to commit fraud and other crimes.