Hackers recently illegally managed to access Medicaid claims, more than 20,000 of them, for the program's patients in Utah. The breach occurred shortly after the Utah Department of Technology Services had transitioned its records onto a new server. The hacking attack, suspected to emanate from Eastern Europe, circumvented security measures on the new server even though it was protected by multiple layers of protection. The Utah Department of Health issued a statement about the breach, saying, "the affected server has been shut down, and new security measures have since been implemented."
Data may have been compromised includes addresses, Social Security numbers, names and birth dates. The breach is particularly worrisome because these pieces of information make it possible for a criminal to commit identity theft. The Utah Department of Health is still determining exactly which clients' information has been compromised; affected individuals will be notified by mail.
The incident illustrates the importance of following properly designed security procedures when migrating data from one physical location to another. Unfortunately, this is a time when the potential for opening up a security vulnerability will be increased. Businesses and other organizations should therefore seek expert advice from their managed programs staff when a migration is being contemplated. Because managed programs personnel are intimately acquainted with the configuration and organization of the current information system, they are an excellent source of knowledge about how to transition data safely. IT companies can supply businesses with highly qualified managed programs staff.