Hackers target Medicaid claim forms in Utah

Share this article:

Hackers, believed to be operating out of Eastern Europe, breached a server at the Utah Department of Health (UDOH) to access thousands of Medicaid records.

How many victims? 24,000 claims were compromised. The state has 260,000 Medicaid patients.

What type of personal information? That remains under investigation. But typically claims include names, Social Security numbers, addresses, birth dates, doctor names and tax ID numbers.

What happened? The Utah Department of Technology Services (DTS) recently migrated the claims to a new server, which was supposed to be protected with multiple layers of security. Either the server was not properly secured, or the hackers were able to evade the defenses that were in place.

The attackers compromised the server on Friday and began downloading information Sunday night. The breach was discovered the following day, and the server has since been taken offline.

Details: The intruders, whose activity was traced back to Eastern Europe (though investigators are unsure if that's exactly where they were located), apparently used passwords to gain access to the server.

What was the response? UDOH is still investigating exactly how many people were affected, and it will notify them via mail. Individuals whose claims included Social Security numbers will receive one year of free credit monitoring.

As it performs this work, the agency is advising all Medicaid recipients in the state to check their credit and bank statements for possible indicators of fraud.

Meanwhile, DTS is analyzing all state servers to ensure they are protected, as well as reviewing statewide IT policies and procedures.

Source: Utah Department of Health, news release, "State Agencies Investigating Data Breach," April 4, 2012. The Salt Lake Tribune, sltrib.com, "Worker error exposes Utah Medicaid patients to hackers," April 4, 2102.

UPDATED: State officials said the number of victims was actually much higher than initially believed because the stolen records were actually files, not individual claim forms.

Share this article:
close

Next Article in The Data Breach Blog

Sign up to our newsletters

POLL

More in The Data Breach Blog

Hackers breach social network MeetMe

Hackers took advantage of a vulnerability and were able to access information on an undisclosed number of MeetMe users.

Professor hacks University Health Conway in demonstration for class

A computer science professor from the City College of San Francisco accessed a University Health Conway server containing patient data as part of a demonstration for a class.

Another breach involving Onsite Health Diagnostics, Kansas City hospital impacted

Children's Mercy Hospital is notifying more than 4,000 individuals that their information may have been compromised after an Onsite Health Diagnostics system was breached.