SACRAMENTO, Calif. — A Northern California medical provider is warning about 15,000 patients that their medical and identifying information may have been stolen.

UC Davis Health said Thursday it is warning patients “out of an abundance of caution” and that there is no sign the scammer actually acquired the sensitive information.

An employee opened a bogus email on May 15, giving the electronic intruder access to the employee’s email. The intruder then made fake fund-transfer requests to other employees.

The scam was quickly halted. But the employee’s email included some patients’ names, addresses, telephone numbers and some medical record numbers, diagnoses and Social Security numbers.

Spokesman Charlie Casey says it took nearly two months for technicians to investigate before officials began notifying patients. The health system is offering affected patients identity- and credit-protection.