The state has notified federal civil rights authorities after a mistake made by a Florida company exposed private records of up to 71,000 poor and low-income Georgians over the Internet for at least eight days, officials said Wednesday.

The federal Office for Civil Rights was alerted because it oversees federal regulations guarding the secrecy of medical records, said Ruth Carr, director of compliance for the state Department of Community Health.

Also alerted to the breach were the Centers for Medicare and Medicaid, the Governor's Office of Consumer Affairs and the Georgia attorney general's office.

The files, accidentally placed on the Internet by an employee of WellCare Health Plans Inc. of Tampa, may have included people's Social Security numbers, Medicaid or PeachCare for Kids numbers, and their names, birthdates and dates of eligibility for the insurance programs.

The data breach was disclosed in a statement issued by WellCare of Georgia, a branch of the Tampa company. The people affected are members of the federal Medicaid health program for the poor and the state-federal PeachCare for Kids program for children of low-income working families.

"This was dumb human error within a large corporation," Carr said.

Community Health Department spokeswoman Lisa Marie Shekell said 453,046 Georgians are enrolled with WellCare, a care management organization that contracts with the state to provide insurance services to Georgia's poor.

She said 71,000 people either have been notified by letter or will be.

As some records may have been viewed by unauthorized persons, "it's important for people to understand that they need to guard against identity theft," Shekell said.

"They should be reviewing all credit card information, review other financial account information and watch their accounts for activity that may not be theirs, and then contact that bank or credit card company to make them aware of that activity," she said. "People should call 1-888-505-1189."

Shekell said the state is investigating how long the information was exposed. It also is requiring WellCare to provide all affected Georgia families with information in English and Spanish.

Those affected will receive free credit monitoring services for a year. WellCare also will tell people how to get two free credit reports a year from the Equifax, Experian and TransUnion credit bureaus.

Those who suspect information may have been seen can place a "credit freeze" on their files so that no credit reports can be released without their approval, Community Health officials said.

WellCare must also submit to the state a complete incident report, including a cause analysis and a plan to avoid similar mistakes. The breach was discovered March 20, but the computer servers containing the information were not secured until March 28, said Amy Knapp of WellCare Health Plans. It was not known when the material appeared online.

The state was notified March 31. By April 2, "all information had been removed," Shekell said.