Call Us

Union County, Ohio, Data Breach

Posted on behalf of Arnold Law Firm on September 26, 2025 in Data Breach

NOTICE: If you received a NOTICE OF DATA BREACH letter from Union County, Ohio, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.

​​​​​​​​On September 24, 2025, Union County, Ohio began notifying residents and employees of a major cybersecurity incident, revealing that the county’s systems had been compromised in a ransomware attack earlier in 2025. The incident reportedly took place between May 6 and May 18, 2025, during which attackers accessed and extracted sensitive personal and financial data (the “Data Breach”). Approximately, 45,487 people have been affected by the Data Breach. 

Recently, Union County has begun sending data breach notification letters to those affected and is offering complimentary identity protection and credit monitoring services. If you received a Data Breach notification letter from Union County, Ohio, it confirms that your information was potentially impacted.

Union County, Ohio, is home to more than 60,000 residents and includes the county seat of Marysville. The county government provides essential public services including law enforcement, elections, health services, and infrastructure maintenance. It is known for a growing population, proximity to Columbus, and a mix of suburban and rural communities. As of early 2025, Union County employs over 600 government workers. 

Union County Ohio Data BreachWHAT INFORMATION IS INVOLVED IN THE UNION COUNTY, OHIO, DATA BREACH?

The following types of information may have been compromised in the Data Breach:  

  • Names, 
  • Social Security numbers, 
  • Driver’s license information/state ID information, 
  • Identification card numbers, 
  • Financial account information, 
  • Dates of birth, 
  • Fingerprint information, 
  • Medical information, 
  • Payment cards information, 
  • Passport number. 

This information is called your Personally Identifiable Information (“PII”). It tells others about you and is considered part of your identity. Businesses are required to secure this information or risk facing statutory penalties, among other legal penalties. Stolen PII can be used by identity thieves to engage in fraudulent activity using your identity. 

Personal medical information (a specific type of PII) is referred to as Protected Health Information (“PHI”). It is protected under both state and federal law. Healthcare providers and other businesses who handle PHI are required to protect that information. Like stolen PII, stolen PHI can be used by identity thieves to engage in fraudulent activity using your identity. Quite often, PII and PHI are used in conjunction by hackers.

The best way to protect yourself after a data breach is to sign up for credit and identity protection services as soon as possible. 

California offers extra protections and legal rights to its residents through the California Consumer Privacy Act (“CCPA”).

NOTICE: If you received a NOTICE OF DATA BREACH letter from Union County, Ohio, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.