Network intruders compromised health information on current and former U.S. Postal Service employees who filed for workers’ compensation, USPS officials say.
The files were accessed during a previously reported September cyber intrusion that netted the Social Security numbers of about 800,000 USPS employees. Details of the health data breach are just now being revealed for the first time.
The agency does not face health data security fines or Health and Human Services Department breach notification violations, because the data was not part of an insurance plan.
About 485,000 employees, former employees and retirees whose medical details were potentially exposed received a notification letter last month, USPS spokesman David Partenheimer said.
The information potentially compromised was stored in "a file relating to injury compensation claims," USPS Chief Human Resources Officer Jeffrey Williamson said in the letter dated Dec. 10. "In addition some of your medical information” associated with the claims may have been breached.