Public health officials in Delaware on Sunday disclosed that the personal information of thousands of people who were tested for the coronavirus this summer was mistakenly shared with an unauthorized individual.
The state’s Division of Public Health said the data breach happened when a temporary staff member sent two unencrypted emails in August that included files with the test results, names, dates of birth and phone numbers of 10,000 people. The files did not include financial information, the Delaware State News reported.
The emails were meant to be distributed among the employees of a call center who help people obtain their test results, but the temporary agency staffer sent it to an unauthorized user by mistake, officials said. The person who received the emails on Aug. 13 and Aug. 20 alerted the division about the error and reported deleting the messages.
The first email had the information of people tested between July 16 and Aug. 10. The second email included the data of people tested on Aug. 15.
The agency said officials have reported the breach to the U.S. Department of Health and Human Services and the Delaware Department of Justice. In addition, the agency will open a call center dedicated to providing information about the data breach. People with questions can call 1-833-791-1663 starting Monday.
The person who sent the emails is no longer employed by the agency. Staff were retrained on the appropriate policies and procedures.
Related: Microsoft: Russian, North Korean Hackers Target Vaccine Work
