Notice of data breach – Seneca Family of Services.

November 9, 2021

The City and County of San Francisco learned that data systems of the Seneca Family of Agencies (“Seneca”) were subject to a breach on or about August 27, 2021. The impacted Seneca systems include records of many patients and clients from several counties across California that received services from Seneca. The impacted systems include records of clients who were referred to Seneca by the San Francisco Department of Public Health, Human Services Agency, and Juvenile Probation Department. Seneca is providing the following notice of this breach. Please read it if you believe you or someone in your care may have received services with Seneca so you can access more information about this incident and apply for the credit monitoring and identity theft protection services that Seneca is required to offer to people impacted by the breach. This notice is also available at Seneca’s website at https://senecafoa.org/notice-of-data-breach/

"On August 27, 2021, Seneca Family of Agencies (“Seneca”) discovered that certain parts of our network may have been accessed by an unauthorized individual and we launched an investigation. The investigation determined that an individual accessed our network for a brief period of time between August 25th and August 27th, 2021. Therefore, in an abundance of caution, we reviewed our network to determine the type of data present. Although we have no evidence to suggest actual or attempted misuse of information as a result of this incident, we are notifying individuals with information contained within the network. The type of information varies by individual, but includes name and one or more of the following data elements: date of birth, Social Security number, address, phone number, email address, medical record number, treatment/ diagnosis information, health insurance information, Medicare/ Medicaid number, provider name, prescription information, driver’s license/state identification number, and digital signature. 

Upon discovering this incident, we reset account passwords and implemented additional security measures to further protect information. We are also providing potentially impacted individuals with access to credit monitoring and identity protection services as an added precaution.

If you have questions about this incident or would like to enroll in the credit monitoring and identity protection services, please call 855-675-2841, Monday through Friday (except U.S. holidays), from 6 am- 6 pm PST.

You may also write to us at 8945 Golf Links Road, Oakland, CA 94605.

In general, we encourage potentially impacted individuals to remain vigilant against incidents of identity theft and fraud by reviewing credit reports/account statements and explanation of benefits forms for suspicious activity and to detect errors. Under U.S. law, individuals are entitled to one free credit report annually from each of the three major credit reporting bureaus, TransUnion, Experian, and Equifax.

To order your free credit report, visit www.annualcreditreport.com or call 1-877-322-8228.

Individuals have the right to place an initial or extended “fraud alert” on a credit file at no cost. If individuals are a victim of identity theft, they are entitled to an extended fraud alert lasting seven years. As an alternative to a fraud alert, they have the right to place a “credit freeze” on a credit report. The credit freeze is designed to prevent credit, loans, and services from being approved without consent. Pursuant to federal law, individuals cannot be charged to place or lift a credit freeze on your credit report.

Should individuals wish to place a fraud alert or credit freeze, please contact the three major credit reporting bureaus listed below:

TransUnion

1-800-680-7289

transunion.com

P.O. Box 2000

Chester, PA 19016

Experian

1-888-397-3742

experian.com

P.O. Box 9554

Allen, TX 75013

Equifax

1-888-298-0045

equifax.com

P.O. Box 105069

Atlanta, GA 30348

Individuals can further educate themselves regarding identity theft, fraud alerts, credit freezes, and the steps to protect their personal information by contacting the credit reporting bureaus, the Federal Trade Commission (FTC), or their state Attorney General. The FTC also encourages those who discover that their information has been misused to file a complaint with them. The FTC may be reached at 600 Pennsylvania Ave. NW, Washington, D.C. 20580;  www.identitytheft.gov; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261. Instances of known or suspected identity theft should also be reported to law enforcement, the state Attorney General, and the FTC."