Utah’s Medicaid breach is much worse than originally reported
The government and various organizations have been attempting to battle the many computer hackers around the world in order to prevent sensitive data from falling into the wrong hands. The Utah Department of Technology Services (DTS) suffered from a large data breach of thousands of medical records at the end of March, and it was recently discovered to be much worse than originally expected, according to InformationWeek.
The breach occurred when a configuration error weakened the password authentication level.
“The server was a test server and when it was put into production there was a misconfiguration. Processes were not followed and the password was very weak,” Stephanie Weiss, spokesperson for DTS, told the news source.
According to Reuters, the original report said that around 24,000 people were affected by the breach. Now, the Eastern Europeans who hacked the system have reportedly gained personal information of approximately 780,000 patients. Among that group, around 280,000 individuals had their social security numbers compromised. The majority of these patient have Medicaid.
According to the New York Times, experts are pointing out how this reveals a much greater problem – how personal and medical information is stored in bulk.
“Why do we continue to see these large aggregate databases?” Eddie Schwartz, chief information security officer at the computer security firm RSA, told the news source in an interview on Tuesday. “Why should hackers be able to steal 10 million credit card numbers or 700,000 personal records at once? We need to think about distributing that information so that when networks do get penetrated, we’re not looking an all-or-nothing situation.”
Since the breach occurred, the company has reportedly shut down the server and installed new security measures to strengthen the system. As of late, banks have beefed up their security measures, leaving health providers and retailers the main target for hackers. The experts also told the Times that these medical records would sell more on the black market compared to credit card numbers, which is why there has been an increase in incidences.
No matter how small or big a business or organization, it may be advisable to install computer monitoring software to ensure the company’s important information is secure.