SACRAMENTO, Calif. — For nearly five months, thousands of Sacramento County Correctional Health patients had their information exposed to the public internet in a data breach by a county contractor, Sacramento County announced Thursday.
Between Jan. 2 and July 6, two unsecured folders containing the health information of 5,372 Sacramento County Correctional Health patients was exposed to the internet by CorrectCare Integrated Health Inc., a county contractor. Those who were impacted have been mailed notices.
Testing of security folders on July 7 found the issue was remedied and the files were secure. According to the county, a search of the dark web was conducted and found no data related to the breach.
CorrectCare hired a cybersecurity firm to conduct an investigation into the breach and informed the county about it on Oct. 25. The contractor is now offering free credit monitoring, credit resolution, and identity restoration services for one year to all impacted patients.
The breach was reported to the U.S. Department of Health & Human Services and to the California Department of Health Care Services.
Watch more from ABC10: FBI warns Sacramento about scam calls