Healthcare News & Insights

‘Configuration error’ leads to breach of nearly 780,000 records

When it comes to health IT security, little mistakes can often have a huge impact. One recent example: 

A recent breach of Utah Medicaid data was apparently a lot more serious than was originally thought.

On March 30, criminals gained accessed to a server at the Utah Department of Technology Services. The breach was detected on April 2 and immediately shut down.

Officials initially claimed the breach affected 24,000 people, but new estimates put the number at roughly 780,000, the Salt Lake Tribune reports.

That includes 280,000 people who may have had their Social Security numbers compromised, along with 500,000 others who may have had less sensitive information — such as names and birth dates — accessed by hackers.

The number of people who may be affected by the breach is equal to one out of every six Utah residents and may include Medicaid recipients and others who are not.

The initial estimate of the scope of the breach was based on the number of files compromised. However, it was later realized that each filed contained data about many people.

What caused the breach? Officials said hackers were able to access the server because of “configuration error.” While specific details weren’t given, it was reported that an employee in the department put the server online without securing it properly.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.