A new tally of files stored on a server that contained Medicaid information at the Utah Department of Technology Services (DTS) reveals that 780,000 individuals have been affected by the theft of sensitive information. That’s far worse than initial estimates.
The data breach occurred on March 30, when a configuration error occurred at the password authentication level, allowing the hacker, located in Eastern Europe, to circumvent DTS’s security system.
“The server was a test server and when it was put into production there was a misconfiguration. Processes were not followed and the password was very weak,” Stephanie Weiss, spokesperson for DTS, told InformationWeek Healthcare.
On Monday DTS, along with the Utah Department of Health (UDOH), announced that an additional 255,000 people had their social security numbers (SSNs) stolen by hackers from a computer server last week. Until last Friday, authorities had estimated that only 25,096 individuals had their SSNs compromised. That brought the revised figure up to 280,096.