Medicaid data breach widens to include more than 181K individuals, 25K Social Security numbers
Shutterstock
SALT LAKE CITY — The security breach of one of Utah's computer servers that houses Medicaid and Children's Health Insurance Program information affected more than 181,600 people, officials said Friday after having a week to assess the damages.
Of those individuals who had their personal information removed from the server late Sunday, 25,096 appear to have had their Social Security numbers compromised, according to Utah Department of Health spokesman Tom Hudachko.
UDOH officials announced the breach Wednesday, while an internal investigation was ongoing. At this point, letters will be mailed to individuals whose information was compromised, including instructions and access to resources on what to do next.
Hudachko said those affected will have an option to take advantage of free credit monitoring services for one year.
"We understand clients are worried about who may have accessed their personal information, and that many of them feel violated by having their information compromised," said UDOH deputy director Michael Hales. "But we also hope they understand we are doing everything we can to protect them from further harm."
Initially, it appeared 24,000 claims had been accessed. As the investigation progressed, it was determined that hackers actually obtained 24,000 files, each of which can potentially contain claims information on hundreds of individuals.
The cyber attack was traced to a moment in time when the server did not have ample protection in place. An Internet protocol address led to hackers in Eastern Europe, according to Utah Department of Technology Services spokeswoman Stephanie Weiss. She said the agency was working with the FBI to uncover more answers.
DTS has also identified where the breakdown occurred, and has implemented new processes and taken additional steps, to ensure the same type of breach will not happen again. Those steps include increased network monitoring and the implementation of intrusion detection capabilities.
Concerned Medicaid clients are still encouraged to call 1-800-662-9651 for more information on how to protect themselves and their identities. Information is also available online, at www.health.utah.gov/databreach.
E-mail: wleonard@desnews.com
Twitter: wendyleonards
DeseretNews.com encourages a civil dialogue among its readers. We welcome your thoughtful comments.
— About comments
Wendy Leonard works as a reporter for the Deseret News, and while her daily duties are dictated by breaking news, she currently focuses on writing about issues involving health care, medicine and transportation. She began more ..
- Davis County honor student arrested in deaths...
- Steven Powell can't go back to his home,...
- Letters to family show Steven Powell still...
- Man charged with killing Ogden officer found...
- Josh Powell made 'admission of guilt' in...
- Police locate West Point teen called 'person...
- Stump the Smith: Can you answer the questions...
- One third of millenials regret going to college
Subscribe
Mobile
RSS
- Chaffetz not willing to take...
66 - Mia Love announces she's officially... 43
- S.L. draws up airport plans 33
- Couples registry gets preliminary nod... 29
- XanGo co-founder accuses partners of... 25
- 'We're here to serve all boys,' Utah... 23
- Search for Susan Cox Powell is over,... 21
- Gov. Gary Herbert tells Washington... 17
@My2Cents
The states administer medicaid and process the claims.
@My2cents
agit8r - you are correct. When I moved back to Los Angeles, I had to switch to "Medical," a whole different animal with coverage exclusions very different from Utah. The same goes for food stamp eligibility. Federal More..
And why does Utah seem to think it has the right to impose and illegally amass personal and private information about medicaid recipients the federal program of Medicaid? Utah is not a Representative of Medicaid or citizens records nor do they have More..