BACKGROUND:
The City of Long Beach experienced a network security incident on or about Nov. 14, 2023, whereby an unauthorized third party gained access to the City network. Upon discovery, the City immediately initiated a thorough and detailed technical investigation with the assistance of external information technology experts. The City also notified law enforcement and the community, and temporarily took City systems offline. In the following weeks, most City systems were restored and brought back online. The City has since continued to work closely with leading, external cybersecurity professionals to further the investigation. Additional information about the City’s initial response efforts for this incident is available at longbeach.gov/networksecurityincident.
LATEST NEWS – April 2025 Update
What We Know. The City values and respects the personal information it maintains and is committed to being open and transparent with the community. Our investigation into the network security incident, which concluded on March 18, 2025, revealed that files containing certain personal information may have been accessed and/or acquired by an unauthorized individual(s). The City is notifying impacted individuals starting on April 14, 2025 via U.S. mail. While there is no indication that any information has been misused for the purpose of committing fraud or identity theft, the City is providing impacted individuals notices out of an abundance of caution, so that those impacted have the information, tools and resources to safeguard their personal information should they chose to do so.
What Information Was Involved? The potentially impacted files contained first and last names in combination with one or more of the following: date of birth, financial account information, credit and/or debit card information, Social Security number, biometric information, medical diagnosis and/or treatment information, medical provider information, health insurance information, driver’s license number, passport number, medical record number, taxpayer identification number, and patient account information. The types of personal information involved varied by individual and not every data element was impacted for each individual.
What We Are Doing. The City is in the process of sending notification letters via U.S. mail to people who may be affected using their last known home address that is available. The letters disclose what information may have been impacted for individuals, explain the services available to potentially affected individuals, and provide tools to help safeguard individuals against identity fraud. The City is also disclosing this same information on this webpage to ensure it is publicly accessible for all who believe they should have received a notification letter and have not. Please see the “Additional Information and Resources” section below.
The City has established a dedicated call center staffed with professionals familiar with this incident to provide information and resources to those impacted. The call center is available at 888-802-9667 Monday through Friday, 6 a.m. to 6 p.m. Pacific Time, excluding holidays. The City is also offering people whose Social Security numbers were potentially impacted with complimentary credit-monitoring services in accordance with applicable state laws. An updated list of Frequently Asked Questions related to this update is also available in English, Spanish, Khmer and Tagalog (coming soon).
What Can People Who Are Affected Do? People who receive a letter from the City of Long Beach are encouraged to take precautionary measures to protect their personal information, including placing a Fraud Alert and/or Security Freeze on credit files, obtaining free credit reports, and remaining vigilant in reviewing financial account statements and credit reports for fraudulent or irregular activity on a regular basis.
People can call the dedicated call center at 888-802-9667 for more information and connections to resources. This response line is staffed with professionals familiar with this incident and knowledgeable on what you can do to protect against misuse of your information.
How Will Individuals Know If They Are Affected by This Incident? Those impacted will receive a letter from the City of Long Beach via U.S. mail. If people believe they may have been impacted and did not receive a notification letter, or have any further questions regarding this incident, they should call our dedicated toll-free response line at 888-802-9667. People can review the “Additional Information and Resources” section below for more information.
ADDITIONAL INFORMATION & RESOURCES
While the City is in the process of issuing letters to people whose information may have been accessed and/or acquired, the City is advising all community members of the following proactive measures they can take, should they feel it appropriate to do so.
- Place a Fraud Alert on Your Credit File: Place an initial one-year “Fraud Alert” on your credit files, at no charge. A fraud alert tells creditors to contact you personally before they open any new accounts. To place a fraud alert, call any one of the three major credit bureaus at the numbers listed below. As soon as one credit bureau confirms your fraud alert, they will notify the others.
- Consider Placing a Security Freeze on Your Credit File. Request a “Security Freeze” be placed on your credit file, at no charge. A security freeze prohibits, with certain specific exceptions, the consumer reporting agencies from releasing a person's credit report or any information from it without the person's express authorization. People may place a security freeze on their credit report by contacting all three nationwide credit reporting companies listed below and following the stated directions or by sending a request in writing, by mail, to all three credit reporting companies. To request a security freeze, people must provide their name, address, date of birth, Social Security number and other personal information. After receiving the freeze request, each credit reporting company will send the requestor a confirmation letter containing a unique PIN (personal identification number) or password. Keep the PIN or password in a safe place; it will be needed to lift the freeze.
- Equifax. Place a security freeze by phone at 888.298.0045, online or mail at P.O. Box 105788, Atlanta, GA.
- Experian. Place a security freeze by phone at 888.397.3742, online or mail at P.O. Box 9554, Allen, TX 75013.
- TransUnion. Place a security freeze by phone at 888.909.8872, online or mail at P.O. Box 160, Woodlyn, PA 19094
- Obtain a Free Credit Report. Under federal law, you are entitled to one free credit report every 12 months from each of the above three major nationwide credit reporting companies. Call 1-877-322-8228 or request your free credit reports online at www.annualcreditreport.com. Once you receive your credit reports, review them for discrepancies. Identify any accounts you did not open or inquiries from creditors that you did not authorize. Verify all information is correct. If you have questions or notice incorrect information, contact the credit reporting company.
- Protect Your Medical Information. While there is no evidence that people's medical information involved in this incident was or will be used for any fraudulent activity, the following practices can provide additional safeguards to protect against medical identity theft:
- Only share health insurance cards with your health care providers and other family members who are covered under your insurance plan or who help you with your medical care.
- Review your “explanation of benefits statement” which you receive from your health insurance company.
- Follow up with your insurance company or care provider for any items you do not recognize. If necessary, contact the care provider on the explanation of benefits statement and ask for copies of medical records from the date of the potential access (noted above) to current date.
- Ask your insurance company for a current year-to-date report of all services paid for you as a beneficiary. Follow up with your insurance company or the care provider for any items you do not recognize.
- Stay Alert. Even if you do not find any suspicious activity on your initial credit reports, the Federal Trade Commission recommends that you check your credit reports periodically. Checking your credit report periodically can help you spot problems and address them quickly.
- Addressing Suspicious Activity and Contacting Law Enforcement. If there is reason to believe your personal information has been used to commit fraud or other crimes against you, you may file a police report in the city in which you currently reside. Be sure to obtain a copy of the police report, as many creditors will want the information it contains to absolve you of the fraudulent debts.
- A police report can be obtained by calling the Long Beach Police Department non-emergency line at 562.435.6711.
- People may also file a complaint with the FTC online, by phone at 1.877.IDTHEFT (1.877.438.4338), or by mail at Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580.
