IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Sacramento County, Calif., Phishing Scam Exposed Data

Thousands of records containing health information and hundreds more with personal identifying information were exposed after a phishing scam involving Sacramento County employees last year.

shutterstock_Phishing
(TNS) — Thousands of records containing health information and hundreds more with personal identifying information were exposed after a phishing scam involving Sacramento County employees last year.

In a news release, county officials said five employees gave out their official login information through an external website after receiving emails sent by unknown scammers on June 22, 2021.

During an audit of email mailboxes on Nov. 17, the county discovered that 2,096 records containing protected health information and 816 records of personal identification information were exposed after the phishing scam.

Those whose information was exposed by the scam were notified by mail Friday. These victims were offered a year of free credit monitoring, credit resolution and identity restoration services.

Since the data breach, the county has changed passwords and strengthened password requirements, updated its security management plan, retrained workers and implemented two-factor authentication.

The phishing scam was reported to the Sacramento County Sheriff's Office, the U.S. Department of Homeland Security, the U.S. Department of Health and Human Services and the California Department of Health Care Services.

© 2022 The Sacramento Bee (Sacramento, Calif.). Distributed by Tribune Content Agency, LLC.