Healthcare News & Insights

The 3 simple IT mistakes that caused Utah’s Medicaid breach

A recent data breach of Utah’s Medicaid system compromised the records of nearly 800,000 people. What caused the breach? 

Answer: a few basic IT errors.

The breach affecting roughly 780,000 Utah residents occurred in late March, after cybercriminals gained access to a server at the Utah Department of Technology Services (DTS) containing data for the state’s Medicaid program.

The massive breach didn’t occur because the hackers used sophisticated techniques to gain access to the department’s network. Rather, a few human errors left the information wide open for criminals to take, said Mark VanOrden, interim director of DTS. He took over after Stephen Fletcher, the previous director, resigned due to the incident.

Some of the problems occurred because IT staff didn’t follow proper policy while upgrading the server. VanOrden recently told the Deseret News about the mistakes that led to the breach:

1. Default passwords were kept

The server that was breached was initially installed by an independent contractor, which was unusual for the department, VanOrden said, and the normal policy for configuring and testing security and conducting a risk assessment wasn’t followed. One huge step that was skipped: changing the passwords from the factory-issued defaults.

2. Missing firewall

While 99% of the department’s data is kept behind two firewalls, VanOrden said, the data stolen was not. Apparently, the data wasn’t protected as the server was being upgraded.

3. Too much unencrypted data

VanOrden also said that the server held old data that should have been deleted. The data also wasn’t encrypted, so the criminals were able to access the information.

IT departments at healthcare organizations should take note: Health information is highly coveted by criminals, and it’s critical that IT doesn’t make hackers’ jobs any easier. Organizations should have policies to properly configure systems and test security after changes are made, and to regularly audit security configurations.
