Updated:           10/15/2025  3:30 PM

The City of Pittsburg, California encourages individuals to take steps to protect their personal information.

Table of Contents

1. Overview
2. What happened?
3. What information was involved?
4. What did the City of Pittsburg do to respond to the incident?
5. How do I find out if my information was involved?
6. What can I do to protect my information?
7. Other Important Information
8. Contact/For More Information
9. Frequently Asked Questions
   • Why did I receive a letter postmarked from Georgia?
   • Why did I receive a letter or multiple letters for individual(s) not associated with my address / who have never been associated with my address?
   • I received a letter, but the named individual is not associated with my address/has never been associated with this address. What do I do?
   • The intended recipient is deceased. How can I protect their information?

Overview

The City of Pittsburg, California is providing an update on a security incident that involved certain information maintained by the City of Pittsburg. The City of Pittsburg may maintain information about individuals for several reasons: if they are or were a resident, employee, dependent or beneficiary of an employee, or if they received services from or interacted with one of its departments (e.g., Water Utility Billing or Business License Division).

We encourage individuals to read this notice carefully as it contains important details about the incident and steps you can take to help protect your information.

What Happened?

As the City of Pittsburg previously shared, it became aware of a cybersecurity incident affecting a portion of its environment in August 2024. Upon detection, the City of Pittsburg took steps to contain the incident and engaged external cybersecurity specialists to secure its systems and thoroughly assess the situation.

On August 23, 2024, while the investigation was ongoing, the City of Pittsburg informed the Pittsburg community about the incident and the steps it was taking in response.  On May 7, 2025, the City of Pittsburg issued an update regarding its response and established a website where individuals could learn more about the incident and resources available to help protect their information. At that time, the City of Pittsburg also established a dedicated call center to assist individuals with inquiries related to the incident. The call center remains operational and will continue to be available for an additional 90 days from the date of this notice.

The City of Pittsburg recently completed its investigation and determined that certain information related to individuals may be involved.

What Information Was Involved?

The specific information involved is not the same for everyone. It depends on the individual’s relationship or interaction with the City of Pittsburg but may include an individual’s name and one or more of the following types of information: date of birth, Social Security number, medical information, health insurance information, financial account information, passport, and driver’s license or state identification number.

What did the City of Pittsburg do to respond to the incident?

In response to this incident, the City of Pittsburg has taken steps to further enhance the security of its systems. This includes strengthening authentication protocols and deploying new technologies to further enhance threat detection and response capabilities. Additionally, federal law enforcement was informed of the incident.

The City of Pittsburg is also providing 24 months of complimentary credit monitoring to individuals whose Social Security number or Driver’s License number may be involved.

How do I find out if my information was involved?

Individuals are encouraged to contact the City of Pittsburg’s dedicated call center to find out if their data was involved or if they have questions about the incident. The phone number is 855-260-7553. Representatives are available to help you Monday through Friday, from 6:00am through 6:00pm Pacific Time, excluding major U.S. holidays.

The City of Pittsburg is actively notifying potentially affected individuals through various communication channels. This includes through a nationwide media notice, this website notice, and letter mail for individuals whose contact information was available. Any updates relating to this incident will also be posted on this website.

What can I do to protect my information?

We encourage individuals to review the steps outlined below to safeguard their information and enroll in the complimentary credit monitoring and identity protection services we offer. Cybersecurity is an ongoing concern for everyone, as companies worldwide face increasing threats. By following the steps provided, individuals can better protect themselves.

1. Review Your Accounts for Suspicious Activity. We encourage you to remain vigilant by regularly reviewing your accounts and monitoring credit reports for suspicious activity.
   
   
2. Order A Credit Report. To order your free annual credit report, visit www.annualcreditreport.com, call toll-free at 1-877-322-8228, or complete the Annual Credit Report Request Form on the U.S. Federal Trade Commission’s website at www.ftc.gov and mail it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281. The three credit bureaus provide free annual credit reports only through the website, toll-free number, or request form.
   
   

   Upon receiving your credit report, review it carefully. Look for accounts you did not open. Look in the “inquiries” section for names of creditors from whom you have not requested credit. Some companies bill under names other than their store or commercial names; the credit bureau will be able to tell if this is the case. Look in the “personal information” section for any inaccuracies in information (such as home address and Social Security Number).

   If you see anything you do not understand, call the credit bureau at the telephone number on the report. Errors may be a warning sign of possible identity theft. You should notify the credit bureaus of any inaccuracies in your report, whether due to error or fraud, as soon as possible so the information can be investigated and, if found to be in error, corrected. If there are accounts or charges you did not authorize, immediately notify the appropriate credit bureau by telephone and in writing. Information that cannot be explained should also be reported to your local police or sheriff’s office because it may signal criminal activity.

3. Contact the Federal Trade Commission, State Attorney General, or Law Enforcement Authorities. You may contact the Federal Trade Commission (“FTC”), your state’s Attorney General’s office, or law enforcement, to report incidents of identity theft or to learn about steps you can take to protect yourself from identity theft. If you detect any unauthorized transactions in any of your financial accounts, promptly notify the appropriate payment card company or financial institution. If you detect any incidents of identity theft or fraud, promptly report the matter to the FTC, your state Attorney General’s office, or law enforcement authorities. Please note, this notification was not delayed by law enforcement authorities.
   
   

   To learn more about how to protect yourself from becoming a victim of identity theft, you can contact the FTC at: The Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580; 1-877-FTC-HELP (1-877-382-4357) (toll-free) or 1-877-IDTHEFT (1-877-438-4338); and www.identitytheft.gov and www.ftc.gov/idtheft/.

4. Additional Rights Under the Fair Credit Reporting Act. You have rights pursuant to the Fair Credit Reporting Act (“FCRA”), such as the right to be told if information in your credit file has been used against you, the right to know what is in your credit file, the right to ask for your credit score, and the right to dispute incomplete or inaccurate information. Further, pursuant to the FCRA, the consumer reporting agencies must correct or delete inaccurate, incomplete, or unverifiable information; consumer reporting agencies may not report outdated negative information; access to your file is limited; you must give your consent for credit reports to be provided to employers; you may limit “prescreened” offers of credit and insurance you get based on information in your credit report; and you may seek damages from violators. You may have additional rights under the FCRA not summarized here.
   
   

   Identity theft victims and active-duty military personnel have specific additional rights pursuant to the FCRA. We encourage you to review your rights pursuant to the FCRA by visiting https://files.consumerfinance.gov/f/documents/bcfp_consumer-rights-summary_2018-09.pdf or writing to the Consumer Financial Protection Bureau at: Consumer Financial Protection Bureau, 1700 G Street, NW, Washington, DC 20552.

5. Place a Fraud Alert on Your Credit File. You have the right to ask that nationwide consumer reporting agencies place “fraud alerts” in your file to let potential creditors and others know that you may be a victim of identity theft. A fraud alert can make it more difficult for someone to get credit in your name because it tells creditors to follow certain procedures to protect you. You may place a fraud alert in your file by calling just one of the three nationwide consumer reporting agencies. As soon as that agency processes your fraud alert, it will notify the other two, which then also must place fraud alerts in your file.

    

   Equifax	Experian	TransUnion
   P.O. Box 105069 Atlanta, Georgia 30348 1-800-525-6285 https://www.equifax.com/personal/credit-report-services/credit-fraud-alerts/	P.O. Box 9554 Allen, Texas 75013 1-888-397-3742 https://www.experian.com/help/fraud-alert/	P.O. Box 2000 Chester, Pennsylvania 19016 1-800-916-8800 https://www.transunion.com/fraud-alerts

    

6. Request Security Freezes. You have the right to request a security freeze from a consumer reporting agency, free of charge, so that no new credit can be opened in your name without the use of a PIN number that is issued to you when you initiate a freeze. A security freeze is designed to prevent potential credit grantors from accessing your credit report without your consent. If you place a security freeze, potential creditors and other third parties will not be able to get access to your credit report unless you temporarily lift the freeze. Therefore, using a security freeze may delay your ability to obtain credit.

Unlike a fraud alert, you must separately place a security freeze on your credit file at each credit bureau. To place a security freeze on your credit report you must contact the credit reporting agency by phone, mail, or secure electronic means and provide proper identification of your identity.

The consumer reporting agencies may require proper identification prior to honoring your request. For example, you may be asked to provide the following information: 

• Your full name, with middle initial as well as Jr., Sr., II, etc.
• Social Security number
• Date of birth
• Current address and all addresses for the past five years
• Proof of current address, such as a current utility bill or telephone bill
• Social Security Card, pay stub, or W-2;
• Legible copy of a government-issued identification card, such as a state driver’s license, state identification card, military identification, or birth certificate; and/or
• Any applicable incident report or complaint with a law enforcement agency or the Registry of Motor Vehicles if you are a victim of identity theft

Below, please find the relevant contact information for the three consumer reporting agencies:

Once you have submitted your request, the credit reporting agency must place the security freeze no later than 1 business day after receiving a request by phone or secure electronic means, and no later than 3 business days after receiving a request by mail. No later than 5 business days after placing the security freeze, the credit reporting agency will send you confirmation and information on how you can remove the freeze in the future. Each agency will send you a confirmation letter containing a unique PIN or password that you will need to lift or remove the freeze. You should keep the PIN or password in a safe place. 

If your personal information has been used to file a false tax return, to open an account or to attempt to open an account in your name or to commit fraud or other crimes against you, you may file a police report in the city in which you currently reside. 

If you do place a security freeze prior to enrolling in the credit monitoring service as described above, you will need to remove the freeze in order to sign up for the credit monitoring service. After you sign up for the credit monitoring service, you may refreeze your credit file.  

Other Important Information.

1. For Iowa Residents. You may contact law enforcement or the Iowa Attorney General’s Office to report suspected incidents of identity Theft at: Office of the Attorney General of Iowa, Consumer Protection Division, Hoover State Office Building, 1305 East Walnut Street, Des Moines, IA 50319; 1-515-281-5164; and www.iowaattorneygeneral.gov
2. For Maryland Residents. You can obtain information about avoiding identity theft from the Maryland Attorney General at: Maryland Office of the Attorney General Consumer Protection Division, 200 St. Paul Place Baltimore, MD 21202; 1-888-743-0023 (toll-free in Maryland) or 1-410-576-6300; www.marylandattorneygeneral.gov.
3. For New York Residents. You can obtain information about security breach response, identity theft prevention, and identity protection information from the New York State Office of the Attorney General at: Office of the Attorney General, The Capitol, Albany, NY 12224-0341; 1-800-771-7755 (toll-free) or 1-800-788-9898 (TDD/TTY toll-free line); https://ag.ny.gov/; and the Bureau of Internet and Technology (BIT), 28 Liberty Street, New York, NY 1000;1-212-416-8433; and https://ag.ny.gov/internet/resource-center.
4. For North Carolina Residents. You can obtain information about avoiding identity theft from the North Carolina Attorney General at: North Carolina Attorney General’s Office 9001 Mail Service Center, Raleigh, NC 27699-9001; 1-877-566-7226 (toll-free in North Carolina) or 1-919-716-6400; and www.ncdoj.gov.
5. For Residents of Oregon. You may report suspected identity theft to law enforcement, including the Office of the Oregon Attorney General and the FTC. Contact information for the FTC is included in your notice. The Office of the Oregon Attorney General at: 1162 Court St. NE, Salem, OR 97301; 1-877-877-9392; and https://www.doj.state.or.us/.
6. For Washington, DC Residents. You can obtain information about avoiding identity theft from the Office of the Attorney General for the District of Columbia at: Office of the Attorney General for the District of Columbia, 400 6th Street NW, Washington, DC 20001; 1-202-727-3400; and www.oag.dc.gov. You have the right to request a security freeze (without any charge) as described above. 

Contact/For More Information.

We understand that this situation might raise questions or concerns, and we are here to support you. We have established a dedicated call center specifically for this matter. If you have any inquiries that were not addressed in this letter, please feel free to reach out to us at 855-260-7553. Our agents are available to help you Monday through Friday, from 6:00am through 6:00pm Pacific Time, excluding major U.S. holidays. Please note that this call center will be available for approximately 90 days from the date of this letter.

As mentioned earlier, if you need assistance with enrollment or have questions about the Experian IdentityWorks, please call 1-877-288-8057. You may also contact the City of Pittsburg by phone at (925) 252-4298 or by mail to Jitendra Kaneria, Deputy Chief Information Systems Office, 65 Civic Avenue, Pittsburg CA 94565.

Frequently Asked Questions

• Why did I receive a letter postmarked from Georgia?

  The City of Pittsburg has partnered with a third-party vendor named Epiq for assistance with mailing letters to individuals potentially involved in this incident. Epiq is headquartered in Georgia. As a result, Epiq postmarks the letters from their address in Georgia even though this incident affected the City of Pittsburg, California.

• Why did I receive a letter or multiple letters for individual(s) not associated with my address / who have never been associated with my address?

  The City has made efforts to send letters to the correct addresses of potentially impacted individuals. However, since people often move and may not update their contact information with the City, you might receive letters intended for individuals who no longer reside at your address or for whom we had incorrect address information initially, despite our efforts to verify.

  If you receive a letter not addressed to you, you may return it to the USPS by writing "Not at this address" or "Return to Sender" on the envelope. Then, place it back in your mailbox or a collection box. Be sure not to mark over the original address and cross out any barcodes to prevent it from being delivered again.

• I received a letter, but the named individual is not associated with my address/has never been associated with this address. What do I do?

  If you receive a letter not addressed to you, you may return it to the USPS by writing "Not at this address" or "Return to Sender" on the envelope. Then, place it back in your mailbox or a collection box. Be sure not to mark over the original address and cross out any barcodes to prevent it from being delivered again.

  If you have any questions as to whether your information was potentially involved in this incident, please feel free to call our dedicated call center at 855-260-7553. Our agents are available to help you Monday through Friday, from 6:00am through 6:00pm Pacific Time, excluding major U.S. holidays.

• The intended recipient is deceased. How can I protect their information?

We recommend reviewing the steps outlined below to safeguard your loved one’s information.

• Review Your Loved One’s Accounts for Suspicious Activity. We encourage you to remain vigilant by regularly reviewing your accounts and monitoring credit reports for suspicious activity.

• Order a Credit Report. Authorized individuals, a spouse, or an executor of an estate may request a copy of a loved one's credit report or flag a loved one's credit file with an alert. In most cases, a flag will prevent the opening of new credit accounts in your loved one's name. If you have not already done so, you may request that your loved one's credit report is flagged with the following alert: "Deceased. Do not issue credit. If an application is made for credit, notify the following person(s) immediately: (name and relationship to your loved one)." Individuals to list in this alert may include:

• next surviving relative, and/or
• another authorized relative, and/or
• executor/trustee of the estate, and/or
• a law enforcement agency.

You may also request a copy of your loved one's credit report to review whether there are any active credit accounts that need to be closed or any pending collection notices that need to be addressed. A request for a flag on your loved one's credit file or for a copy of your loved one's credit report must be in writing and should include the below information: 

Information Related to your loved one:

• Legal name
• Social Security number
• Date of birth
• Date of death
• Last known address
• A copy of the death certificate or letters testamentary. A "letters testamentary" is a document issued by a court or public official authorizing the executor of a will to take control of a deceased person's estate

Information related to the individual requesting the information or placing the alert:

• Full name
• Copy of a government issued identification
• Address for sending final confirmation

In the case of an executor, include the court order or other document indicating the executor of the estate.