http://www.informationweek.com/news/healthcare/security-privacy/232900128 By Nicole Lewis InformationWeek April 11, 2012 A new tally of files stored on a server that contained Medicaid information at the Utah Department of Technology Services (DTS) reveals that 780,000 individuals have been affected by the theft of sensitive information. That's far worse than initial estimates. The data breach occurred on March 30, when a configuration error occurred at the password authentication level, allowing the hacker, located in Eastern Europe, to circumvent DTS's security system. "The server was a test server and when it was put into production there was a misconfiguration. Processes were not followed and the password was very weak," Stephanie Weiss, spokesperson for DTS, told InformationWeek Healthcare. On Monday DTS, along with the Utah Department of Health (UDOH), announced that an additional 255,000 people had their social security numbers (SSNs) stolen by hackers from a computer server last week. Until last Friday, authorities had estimated that only 25,096 individuals had their SSNs compromised. That brought the revised figure up to 280,096. [...] _______________________________________________ LayerOne Security Conference May 26-27, Clarion Hotel, Anaheim, CA http://www.layerone.orgReceived on Wed Apr 11 2012 - 23:50:02 PDT
This archive was generated by hypermail 2.2.0 : Wed Apr 11 2012 - 23:50:09 PDT