Hackers might have accessed the medical records and other personal information of tens of thousands of Medicaid recipients in November, Florida officials announced late Friday.
Florida's Agency for Health Care Administration (AHCA) said in a press release reported by The Associated Press that one of its employees was the "victim of a malicious phishing email" on Nov. 15, exposing the records of up to 30,000 Medicaid enrollees.
Preliminary findings from an inspector general's investigation found that hackers may have accessed the recipients' names, Medicaid ID numbers and other personal identifiers such as birthdays, addresses and Social Security numbers, along with medical conditions and diagnoses, the AHCA said.
The state agency said it was training employees on security protocols following suspected breach but said it had "no reason to believe" the information had been misused. The agency provided a hotline for Medicaid recipients to call.
Cyber threats have long posed issues for health providers and agencies handling sensitive data, with cybersecurity concerns about personal information reaching the federal government in the past as well.