COLUMBUS, Ohio — Columbus city officials announced some citizens' private health information was compromised in July's cyberattack.

Officials said less than 1,000 individuals who were in a Division of Fire database were part of the records that were exposed. The city said the database and the records include brief notes about emergency medical services and the location from which the call was placed.  

“The information in these notes was not the same for everyone,” a release from the city reads. “The data may include a combination of individuals’ first and last name, address, date of birth, date of service, and/or brief notes on the EMS service provided. A very small number of Social Security numbers were also contained in the PHI.”

The city said the breach of health records was discovered on Dec. 12, 2024. As of Monday, the city said it’s unaware of any attempted misuse of the personal information that was compromised. 

The Division of Fire will be mailing letters to those who had their personal health information exposed through the cyberattack. Those individuals will also qualify for two years of free Experian credit and dark web monitoring services. The city said residents will have 90 days from when the letter is sent to enroll for the protection. 

Columbus made the free Experian credit monitoring available for residents who may have shared their private information with the city. It’s still available until March 31, and residents can sign up here. 

The investigation into the cyberattack is ongoing. The attack shut down city systems for months, exposing data for nearly 500,000 residents, officials said in an update in November. A lot of data was also leaked into the dark web, officials confirmed.