WARCOG Data Breach - Frequently Asked Questions
Printable .pdf Version

What happened?
On or about June 28, 2017, the FBI notified Wooster-Ashland Regional Council of Governments (WARCOG) that it was the victim of a cyber attack by which an unknown third-party was able to access a computer file containing the personal information of individuals listed within police incident reports originating in the Cities of Wooster, Ashland, and Orrville over the last ten years.  As a result, if you were involved in an incident involving the police in one of these cities in the last ten years, some of your personal information may have been exposed to others.

When did it happen?
WARCOG became aware of the incident on or about June 28, 2017. 

What personal information could have been accessed?
The personal information potentially at risk of being accessed included first and last names, home addresses, dates of birth, social security numbers, and driver's license numbers.

Did you contact the police?
Yes.  We reported the incident to the local police as well as the FBI and they are investigating.     

Why was I notified?
The privacy and security of your personal information is very important and we wanted you to know about the possible exposure of your personal information.  Also, some state laws require notification to potentially affected individuals.   

How many other people are affected by this?
Approximately 123,000.

I do not work for WARCOG why was I notified?
This incident potentially affects individuals listed within police incident reports originating in the Cities of Wooster, Ashland, and Orrville over the last ten years.  You were identified as such an individual.

Are you providing identity theft protection?
Yes.  WARCOG is offering affected individuals an option to safeguard their credit.  An individual can enroll in one year of free credit monitoring (2 years for CT residents per the request of the CT Attorney General) through Equifax ® and its Credit Watch TM Silver credit monitoring and identity theft protection product.  The credit monitoring enrollment information and costs are discussed in the letter sent to you.  

What are you doing to protect me?
Upon learning of the cyber attack, WARCOG took steps to address this incident promptly after it was discovered, including undertaking an internal investigation of the matter to develop a better understanding of what had taken place and how.  The FBI is currently investigating the incident.  We also reported the incident to local law enforcement, which is also investigating.  This notification was not delayed as a result of a law enforcement investigation.  We have also engaged the services of an independent computer forensic firm to ensure that the computer system is now secure.  We are in the process of reviewing our internal policies and data management protocols and have implemented enhanced security measures to help prevent this type of incident from recurring in the future. 

As stated in the letter that was sent to you, we have also arranged to have Equifax protect your identity for one year at no cost to you through its Credit Watch TM Silver credit monitoring and identity theft protection product. 

Is the security or confidentiality of my personal information at risk at this time?
We believe that the vulnerability on our network has been secured and that your personal information is no longer accessible.  We urge you to take advantage of the credit monitoring option discussed in the letter you received.

What do I do if I see suspicious activity in my bank account or credit file?
If you detect any suspicious activity in your bank account or credit file, you should contact your bank to report any suspicious activity, change online passwords and check your credit reports. Suspected fraud should also be reported to local law enforcement.

I think I may have been the victim of fraud.  What should I do? 
If you believe you have been the victim of fraud, we encourage you to contact law enforcement, and your card company or the financial institution that issued the card.  We also encourage you to take advantage of the identity monitoring and identity protection services that we are making available through Equifax to any potentially affected client, free of charge for the next 12 months (24 months for CT residents).

Do I need to take any action?
We do not believe that you need to take any action other than monitoring your credit as outlined in the letter that was sent to you.  We encourage you to take advantage of the Equifax option.

Equifax data breach affects millions - September 11, 2017

Breach occurs before WARCOG offers Equifax service to those affected by WARCOG data breach

For those affected by the WARCOG data breach, the breach at Equifax may be especially frustrating. The Wooster-Ashland Regional Council of Governments offered a free year of credit monitoring to those whose data was stolen earlier this summer. The letters from WARCOG with the information were sent out on Aug. 7, 2017. The Equifax data breach is reported to have occurred from mid-May through July of this year. Although individuals may be impacted by both of the breaches,  the two incidents are not related. 

Read the Ashland Times-Gazette article by clicking on their logo: Ashland Times-Gazette 



WARCOG Press Release August 2017

Data Breach Update - August 7, 2017

The Wooster-Ashland Regional Council of Governments sent notifications by mail to all persons affected by the data breach on Monday, August 7th.

Approximately 123, 000 individuals will be receiving notice. Only persons who are directly impacted by the breach will receive a letter explaining the options and programs that the WARCOG is offering. The notification will contain a call center number for inquiries and enrollment instructions for the programs.

Extra diligence monitoring your bank or credit records is encouraged for everyone that receives a letter. Any suspicious activity should be reported to your local law enforcement agency.


Data Breach Update - July 11, 2017

On Thursday, July 6, The Daily Record published an article updating the information about the data breach at the WARCOG dispatch. According to the article, 

"Linda Applebaum, Wooster's law director, and Joel Montgomery, director of administration, said WARCOG officials were told Thursday by the FBI that the scope of the breach was smaller than originally thought. That number is less than 135,000, a third less than initially believed compromised. Approximately 6,000 of those records obtained belonged to individuals who live outside of Ohio." 

Although the scope is smaller than originally believed, the Council of Governments is still taking the breach very seriously. The FBI is continuing their investigation to determine exactly which records were compromised. 

Huszai also reported that "...WARCOG currently use[s] up-to-date cybersecurity measures, including antivirus and antimalware protection, ransomware protection, random phishing tests, employee training on the issue, next-generation firewalls and a darktrace." However, according to Bob Eshelman, Wooster's IT manager, "even the darktrace -- a cybersecurity measure that scans normal network behavior and alerts for anomalies -- could not detect this hack."  It should be noted that the FBI has commended the WARCOG dispatch for their practice of "layering security."

View The Daily Record's website and read the article by Steven F. Huszai by clicking on the link below:

Daily Record - WARCOG still Investigating




Data Breach - July 1, 2017

The computer network for the Wooster-Ashland Regional Council of Governments experienced a data breach on May 26, 2017. The FBI is currently investigating the incident. The cities involved are fully cooperating with the FBI's investigation as well as working to increase the security of the network's systems. 

The Council is taking this intrusion very seriously. The privacy of our constituents and the confidentiality of their personal information are of critical importance to us. As the information becomes available, those affected by the intrusion will be contacted and informed of steps which they can take to protect themselves. Free credit monitoring and identity theft protection services will be provided free of charge to those affected by the breach.

A copy of the Press Release can be seen by clicking on the link below:

Press Release

WARCOG Press Release 070117