Orlin Wagner, AP
In this Tuesday, Dec. 13, 2011 photograph, Dr. Daniel Shuman, a member of the medical staff at Ashland Health Center, leaves the records area in Ashland, Kan. The center draws doctors to rural Kansas by offering paid time for international mission work.

SALT LAKE CITY — The Utah Department of Health advised Medicaid recipients Wednesday to monitor their credit and financial accounts following a security breach of  thousands of Medicaid claims records by Internet hackers.

According to UDOH, the breach occurred on March 30 as technicians from the Utah Department of Technology Services were exchanging computer servers. Information from about 24,000 files stored on servers like the one that experienced the breach could include client names, addresses, birth dates, Social Security numbers, physician’s names, national provider identifiers, addresses, tax identification numbers and procedure codes designed for billing purposes.

"DTS is investigating to determine how many individual Medicaid clients may have been affected, and what personal information may have been compromised," said UDOH spokesman Tom Hudachko. "DTS had recently moved the … records to a new server, and hackers believed to be operating out of Eastern Europe were able to circumvent the server’s multi-layered security system."

The affected server has been shut down, he said, and new security measures have since been implemented.

"The agency takes such attacks by thieves seriously and is cooperating with law enforcement in a criminal investigation," Hudachko said.

Initial tracing of the downloaded information pointed to Eastern Europe, but officials acknowledged that the hackers could be working from elsewhere.

DTS executive director Steve Fletcher said the newly installed server had "weaker controls" than the server it was exchanged for, creating a system vulnerability. Officials detected the breach on Monday when they noticed the information had been accessed by an unauthorized user.

"We try to put controls in place that … if one fails then something else will be there in order to take its place," Fletcher explained. "Through (the hackers') expertise and capabilities, they were able to circumvent some of these controls that we put in place."

He said DTS is re-evaluating its security measures and policies to ensure effective security.

"We are not sure of the actual method (used) to circumvent those controls," Fletcher said. "We want to make sure we have (procedures) in place for all of our data storage … to have very tight, sophisticated controls on our servers."

In the meantime, the agencies are working to determine exactly who was impacted by the breach.

"As of right now, we don't have the names of all the people who have been compromised," said Michael Hales, UDOH deputy director and Medicaid director. "We have prepared letters to go out and as soon as we get the names of all of the individuals who were impacted, then we will (notify them)."

Hales said the names of those affected should be known by week's end and they would be contacted immediately.

Until then, UDOH is advising all Medicaid clients to monitor their credit and to keep a close eye on their bank accounts. Concerned Medicaid clients can call 1-800-662-9651 or visit www.health.utah.gov to get more information on free resources that individuals can access to protect their credit and their personal information, Hudachko said.

Fletcher said his agency will continue to investigate further to determine how the hackers penetrated the security system and do whatever is necessary to prevent future breaches.

"These hackers are very, very sophisticated and that's one of the things that we want to document so that we can to put more controls in place to make sure that it will not happen again," said Fletcher. 

E-mail: jlee@desnews.com, Twitter: JasenLee1