Marjorie Cortez provides an update on a breach that started out bad enough last week, and got a lot worse:
Some 280,000 people had their Social Security numbers listed in state health data stolen from a computer server last week, state officials announced Monday, calling the data breach the largest in state history.
Another 500,000 victims had less sensitive personal information stolen, state health department and technology services officials said during a press conference at the State Office Building. “Less sensitive” information was described as names, dates of birth and addresses. Officials said there may be some overlap between the groups, and information is still being reviewed.
The victims are likely to be people who have visited a health care provider in the past four months. Many are children who are enrolled in Children’s Health Insurance Program or Medicaid, although adults are also victims, officials said.
Read more on Deseret News.
There are so many headlines that could be spun from this situation. How a weak password may have cost the state millions of dollars in breach costs and aggravation, how young children don’t have real ID theft protection, how attempts to disclose a breach quickly can make you look incompetent if you get the facts/numbers wrong and have to keep revising.
Actually, I’m just surprised this doesn’t happen more often.