Hacking of Utah's Data Blamed on Configuration Error
Eastern European hackers stole personal information for as many as one in four Utah residents from a server at the Utah Department of Health.
By Noelle Knell, Government Technology Staff Writer
A large-scale theft of Social Security numbers, and other personally identifiable information from a server at the Utah Department of Health is being traced to a configuration error at the password authentication level.
The breach, discovered April 2, compromised 280,000 Social Security numbers and 500,000 records that included other personal data, a significantly higher number of records than officials first believed. Personal information that was stolen includes names, addresses, birth dates and some details contained in patient health records.
The likely victims of the breach are Utah residents covered by the children’s health insurance program or Medicaid, who received health-care services in the past four months. Other records were jeopardized when health-care providers checked patient Medicaid status.
According to USA Today, the attack originated from Eastern Europe.
Utah officials explained in a news release that normal security procedures ensure the security of the state’s data, but this particular server was configured incorrectly. “DTS has identified where the breakdown occurred and has implemented new processes to ensure this type of breach will not happen again.”
The state is in the process of notifying potential victims, with priority given to those whose Social Security numbers were compromised. Those whose Social Security numbers were stolen will receive free credit record monitoring for one year.
Utah’s Department of Technology Services reports that it is cooperating with law enforcement on a criminal investigation of the data breach. Officials caution potential victims to be aware of scammers who may claim to represent the state regarding this incident and attempt to gather personal information via phone calls or emails.
Join the Discussion
After you comment, click Post. You can enter an anonymous Display Name or connect to a social profile.
Hackers Target Elections Systems in Arizona and Illinois4 hours ago
Under Pence, State Gave Incentives to Companies That Offshored Jobs4 hours ago
Trump Fights D.C. for a Lower Tax Bill at His New Hotel2 hours ago
Mid-Level Manager Gets 10 Years in Prison for Chicago's Red-Light Camera Scheme2 hours ago
Illinois Governor Vetoes Bills That Would Help Low-Income Families and Caregivers2 hours ago
In Montana Governor's Race, Ex-Employee Endorses Her Ex-Bosses' Opponent2 hours ago
More News & Commentary
Didn't find what you were looking for? Search our archives, or subscribe to one of our e-newsletters, and we'll bring the news to you!