The City of McKinney, Texas disclosed a significant data breach that exposed sensitive personal and medical information of thousands of residents.
What happened
On November 14, 2024, city officials detected unauthorized access to their IT systems, which forensic investigators later determined began on October 31, 2024. The breach affected approximately 17,751 of McKinney's 213,000 residents.
What's new
The city began mailing notification letters to affected individuals on February 4, 2025, after completing its investigation. Officials are offering victims one year of free credit monitoring and identity theft protection services through TransUnion and Cyberscout.
What they're saying
"Privacy and security are our top priorities," the city stated in its official notice. "We deeply regret that this incident occurred and will continue to implement the most stringent security protocols available to prevent incidents like this one in the future."
The city emphasized it is providing notice "out of an abundance of caution and in compliance with applicable laws," while noting it is "unaware of any actual or attempted misuse of any information."
Why it matters
This breach is particularly concerning because it compromised both government and healthcare data. When municipal systems containing medical information are breached, it creates unique risks for residents who trust their local government to protect sensitive personal data. The combination of medical and financial information could enable various forms of identity theft and insurance fraud.
Looking ahead
Multiple law firms, including Levi & Korsinsky, LLP, are investigating the breach, suggesting possible legal action. The city has stated it will "continue to implement the most stringent security protocols available to prevent incidents like this one in the future."
FAQs
How can residents determine if they were affected?
Individuals can call 833-799-4194 to verify if their information was compromised.
What type of information was exposed?
The breach may have exposed Social Security numbers, driver's license numbers, credit card information, financial account details, and medical/health insurance information.
What should affected residents do?
Accept the offered credit monitoring services and carefully monitor financial and medical statements for suspicious activity.
