Orlin Wagner, AP
SALT LAKE CITY — The number of people whose personal information was stolen from a state health department computer server has grown to more than 700,000 — up from initial reports of 24,000 files, state officials announced Monday.
Some 280,000 people had their Social Security numbers listed in state health data stolen from a computer server last week in what local officials are calling the most extensive data breach in state history.
Another 500,000 victims had less sensitive personal information taken, state health department and technology services officials said. The "less sensitive" information was described as names, dates of birth and addresses. Officials said there may be some overlap between the groups, and information was still being reviewed.
The victims are likely to be people who visited health care providers in the past four months. Many are children who are enrolled in Children's Health Insurance Program or Medicaid, although adults are also victims, officials said.
Thus far the state has received no reports that the information has been used to fraudulently obtain loans, credit cards or for other purposes.
The state is in the process of notifying all victims and will contact them by mail. A website has been established — www.health.utah.gov/databreach — that provides detailed information and resources for victims. Medicaid and CHIP clients can also call 1-800-662-9651 for assistance.
Utah Department of Health spokesman Tom Hudachko warned victims that scammers may contact them on the phone or by e-mail requesting further information.
"We strongly recommend that people do not provide private information in response to telephone or email contacts they have not initiated," Hudachko said.
"Possible victims should be aware that nobody from the Utah Department of Health or the Utah Department of Technology Services will be contacting them for personal information through email or over the phone.
Kirk Torgensen, chief deputy of Utah Attorney General's Office Criminal Division, said victims need to act swiftly upon receiving their notifications.
"Be vigilant. Look at your accounts. Look at them daily. Look at your credit report. If you feel like anything is amiss, please go to our website," he said, referring to www.idtheft.gov.
The state is offering free credit monitoring for a year for victims whose Social Security numbers were compromised.
Torgensen further encouraged victims to freeze their credit or that of their children to ensure that the information that was breached cannot be used fraudulently. The "freeze" costs about $10 but it could save many headaches down the road.
"People really need to look at their credit files right away," he said. Many victims do not act for nine months to a year, which can be too late. "Then the damage can be terrible," he said.
The state Department of Technology Services is working with local law enforcement and the FBI on a criminal investigation into the security breach.
Greg Bretzing, assistant special agent in charge of the FBI's Salt Lake City office, confirmed that "a federal criminal computer intrusion investigation" has been opened.
"We will be working, and have been working, with the state over the last week or so to determine the nature of the intrusion and the information that was stolen," Bretzing said.
The data attack occurred after hackers on March 30, 2012 illegally gained access to a Utah Department of Technology Services computer server that stores Medicaid and CHIP data claims. DTS officials detected the security breach on April 2, and immediately shut down the server.
- Supervolcano hidden in plain sight in Utah...
- Utah husband wins 'Most Memorable Moment'...
- Better than a raise: The smallest thing you...
- Many Mormon missionaries who return home...
- Pay increase for Gov. Herbert, other elected...
- The Grand America and the Flower Patch: Once...
- National Weather Service radar mistakes swans...
- Passerby was mistakenly used as translator in...
- Pay increase for Gov. Herbert, other... 66
- Legal analysis supports Utah's law on... 36
- Do Utah high school students need four... 26
- Supervolcano hidden in plain sight in... 19
- Rare snowstorm traps I-15 motorists... 14
- John Swallow lost computer hard drive... 12
- Better than a raise: The smallest thing... 11
- 'Deseret News Sunday Edition' looks at... 10