Hackers steal medical records on 181,000 people from Utah server -- GCN

Click here to receive GCN magazine for FREE!

Hackers steal medical records on 181,000 from Utah server

By Kevin McCaney
Apr 09, 2012

Hackers apparently operating in Eastern Europe broke into a Utah Department of Technology Services server used to store medical data and stole personal information on 181,604 people, the state’s Department of Health reported.

The attack, which took place March 30, netted information on Medicaid and Children’s Health Insurance Plan recipients, UDOH said in an update on the breach. About 25,000 of those recipients had their Social Security numbers compromised.

The department initially reported the breach April 4, saying that information on about 24,000 Medicaid recipients had been taken. In the more recent update, it said its investigation showed that CHIP recipient data also had been taken.

To hackers, government users are phish in a barrel

The Department of Technology Services said it at first appeared that the hackers took 24,000 claims, but in fact they removed 24,000 files, each one of which can contain information on hundreds of individuals. DTS said the hackers appeared to be operating out of Eastern Europe but provided no further details.

DTS said the hackers took advantage of a configuration error at the authentication level of the server’s multilayer security system. The department has identified the breakdown and implemented corrective measures, and it is taking steps to improve its hardware and software security, according to the state’s announcement.

UDOH said it will begin contacting the people involved, starting with those whose Social Security numbers may have been compromised. They’ll get a letter with instructions on how to take advantage of free credit monitoring for a year. Others will receive instructions on how to protect themselves, UDOH said.

Recipients who have online access to their information via a My Case account with the state also will receive an e-mail notification and will have information on the breach posted to their accounts.

"We understand clients are worried about who may have accessed their personal information, and that many of them feel violated by having their information compromised," UDOH Deputy Director Michael Hales said in the department’s announcement. "But we also hope they understand we are doing everything we can to protect them from further harm."

UHOH and DTS are continuing their investigation and said they will continue to issue updates. Medicaid clients can call 1-800-662-9651 to get more information on how to protect themselves and their identities.

About the Author

Kevin McCaney is a former editor of Defense Systems and GCN.

E-Mail this page

Printable Format

A blueprint for the modern government security operations center04/13/2017
Business email compromise: Don’t catch that phish!04/12/2017
DOD believes blockchain can boost 3-D printing at the front05/15/2017
Prioritizing vulnerabilities to fight cyberthreats10/25/2016
What it takes to review 650,000 emails 11/07/2016
Hayden: Political culture limits government’s ability to protect IT systems05/31/2016
Extending cybersecurity to fraud analytics06/16/2016
To thwart password theft, the devil is in the decoys05/29/2015

inside gcn

IFTTT digs into government data

Reader Comments

Tue, Apr 10, 2012

Doesn't HIPAA require medical records at rest to be encrypted?

Tue, Apr 10, 2012

So all the hackers have to do is wait a year for the "protection" to expire and then then have free reign over our identity. Some compromise. More needs to be done.