Seven nurses had their information exposed. City officials couldn’t identify them, so they sent warning letters last week to all 600 people who were then registered in the system.
“We talked to this individual and confirmed they were a legitimate user on the system, and we didn’t see any evidence of downloading information or manipulating information,” Lalley said. “It seemed like to us an accident, so this person accidentally exposed a vulnerability we didn’t know was there.”
The breach happened two days after a new nurse licensing system launched April 25. Health officials became aware April 30 and shut the system down for five days.
City officials haven’t found evidence that anyone else was able to access the nurses’ private information, Lalley said.
Correction: An earlier version of this story incorrectly reported that the nurses will be offered three years of credit-monitoring services.