CorrectHealth Breach - November 10, 2021

CorrectHealth is a system that specializes in offering healthcare to correctional facilities. The company operates in over 37 detention centers and covers more than 14,000 incarcerated individuals.

What Was the Breach?

The breach was publicized in August 2022 after months of investigation. It showed that the hackers accessed names, social security numbers, financial information, driver’s license numbers, addresses, medical information, and passport information in the breach. The FBI is involved in the ongoing investigation.

How Did the Breach Occur?

The breach was a phishing scam. The breach was detected on November 10th, 2021, when company officials discovered that one of its employee emails was compromised in the scam. So far, the investigation has shown no sign of identity theft related to the incident.

When Did This Breach Occur?

This breach occurred sometime before November 10th, 2021.

Who Does the Breach Impact?

The breach can impact anyone in the number of correctional facilities that CorrectHealth serves. CorrectHealth has refused to comment but did send notification letters to the involved inmates and their families in August of 2022. The breach did not come into the public eye for a few months after the company announced the breach.

How Many Files Does the Breach Affect?

The breach affected an estimated 54,000 prisoners. It is far more challenging for inmates to take measures to protect themselves from behind bars. It will be much easier for the bad actors to use the personal information of the individuals because the inmates won’t receive any notifications when their data is being used.