The health department announced they have experienced a security breach in their email system that exposed some Lake County residents’ personal information, the second breach of the year.
Lake County officials said on Wednesday they became aware of the breach on November 1.
It involved an unauthorized third party gaining access to a Lake County Health Department and Community Health Center employee’s email account.
The impacted email account included partially de-identified information regarding Lake County residents who may have been part of a disease cluster or outbreak that was investigated by the health department between July 2014 and October 2023.
Lake County officials secured the account and investigated the unauthorized activity with Microsoft.
The county hired a third-party vendor on March 9 to perform a forensic analysis of the initial penetration and the unauthorized activities.
No evidence of unauthorized transfer of data contained in the email account was found but it cannot be ruled out, the health department said.
Information that may have been exposed includes names, addresses, zip codes, dates of birth, phone numbers, email addresses and diagnoses or conditions.
Social Security numbers and financial information were not included.
“We want to assure those affected that we continue to actively address cyber-security concerns, as we are dedicated to protecting your privacy and personal information,” the health department said in a statement.
The breach is the second one of the year involving the Lake County Health Department.
In May, the department announced a nearly identical breach involving an unauthorized third party gaining access to an employee’s email account.
Anyone with questions regarding the breach can call the Lake County Health Department Privacy Officer at 855-204-2684.