Hacking of Utah's Data Blamed on Configuration Error
Eastern European hackers stole personal information for as many as one in four Utah residents from a server at the Utah Department of Health.
By Noelle Knell, Government Technology Staff Writer
A large-scale theft of Social Security numbers, and other personally identifiable information from a server at the Utah Department of Health is being traced to a configuration error at the password authentication level.
The breach, discovered April 2, compromised 280,000 Social Security numbers and 500,000 records that included other personal data, a significantly higher number of records than officials first believed. Personal information that was stolen includes names, addresses, birth dates and some details contained in patient health records.
The likely victims of the breach are Utah residents covered by the children’s health insurance program or Medicaid, who received health-care services in the past four months. Other records were jeopardized when health-care providers checked patient Medicaid status.
According to USA Today, the attack originated from Eastern Europe.
Utah officials explained in a news release that normal security procedures ensure the security of the state’s data, but this particular server was configured incorrectly. “DTS has identified where the breakdown occurred and has implemented new processes to ensure this type of breach will not happen again.”
The state is in the process of notifying potential victims, with priority given to those whose Social Security numbers were compromised. Those whose Social Security numbers were stolen will receive free credit record monitoring for one year.
Utah’s Department of Technology Services reports that it is cooperating with law enforcement on a criminal investigation of the data breach. Officials caution potential victims to be aware of scammers who may claim to represent the state regarding this incident and attempt to gather personal information via phone calls or emails.
Join the Discussion
After you comment, click Post. You can enter an anonymous Display Name or connect to a social profile.
Proposed Texas Law Would Let Teachers Kill Students8 hours ago
Texas Legislator Required Muslim Office Visitors to Declare Allegiance to the U.S.9 hours ago
What the CBO’s Latest Predictions Mean for States and Localities9 hours ago
Is Atlantic City Headed for Bankruptcy?11 hours ago
North Dakota May Produce Licenses for Residents to Cross into Canada11 hours ago
States' Hispanic Education Problem12 hours ago