Inmates’ personal health data exposed during cybersecurity incident, officials say

BATON ROUGE, La. (WAFB) - The personal health data of 80,000 inmates in Louisiana may have been exposed during a cybersecurity incident, according to the Louisiana Department of Public Safety and Corrections.

According to officials, the issue was discovered on July 6, 2022.

Officials said the incident happened at a contracted third-party health administrator called CorrectCare. They added two file directories operated by the company on a single server were exposed.

The information of pretrial and DOC inmates who received offsite medical care between January 1, 2013, and July 7, 2022, may have been exposed, according to officials. They added this includes names, dates of birth, DOC ID numbers, social security numbers, and limited health information. However, no driver’s license numbers, financial account information, or debit or credit card details were exposed. Officials said the breach did not impact electronic health records for those who received onsite medical care.

Officials said CorrectCare took steps to repair the issue in a matter of hours. An investigation has not uncovered evidence that health data was misused.

Inmates who may have been impacted are being notified by officials. The inmates are also being offered one year of free credit and identity theft monitoring services through Experian. Click here for more details about enrolling in the free help.

CorrectCare remains in contact with DOC to keep them informed about the data exposer, according to officials.

Click here to report a typo.

Copyright 2022 WAFB. All rights reserved.

Comments are closed.