The Houston Health Department alerted patients on Feb. 24 to a breach of health information that officials said exposed COVID-19 test results and personal information.
The department assured clients in a press release that the breach wasn't a result of hackers or anyone looking to maliciously use the data.
"The investigation to confirm the scope of the incident and to acquire resources for notifications took several weeks," the department said in the release. "The root cause appears to be a technical issue within the portal that erroneously linked some user accounts."
According to the department, about 3,500 portal users potentially had access to up to 10,000 COVID-19 test results, including but not limited to patient names, addresses and dates of birth.
The portal doesn't gather Social Security or financial information.
The department deactivated its COVID-19 test results portal for 48 hours early last month after it was made aware of the potential breach.
Affected individuals are being sent letters about the incident and information pertaining to a year's worth of free identity protection services, the release said.
Letter recipients and those who used the portal are urged to call 1-833-599-2432 from 8 a.m. through 8 p.m. Monday through Friday except holidays.
Interpretation services are available and the hotline is toll-free.
The announcement came about more than a week since the FBI conducted a raid of the health department's headquarters as part of its investigation of a "department marketing vendor and employee conduct."
An administrative marketing coordinator in the department, identified as Barry Barnes, is on administrative leave during the investigation, the Houston Chronicle reported.
The raid and the portal breach are unrelated.