Bill Sizemore of The Virginian-Pilot reports that the state is sending breach notifications to 530,000 Virginians whose Social Security numbers may have been in the state’s Prescription Monitoring Program database that was hacked on April 30. An additional 1,400 users of the database who may have provided Social Security numbers when they registered for the program are being notified. The database contains about 35 million prescription records.
The hacker, who demanded a $10 million ransom, has not been found.
When this hack was originally reported, the reports concerned the database of licensed professionals. Has anyone seen any final word on whether their data were hacked, too, and if so, whether the state intends to send notifications to them?