The initial breach appears to have happened on Friday, March 30 and information from 24,000 claims was accessed according to the Utah Department of Health (UDOH).
The server that was breached contained data related to Medicare claims. Information such client names, addresses, birth dates, Social Security numbers, physician's names, nation provider identifiers, tax identification numbers and procedure codes may have been accessed said the UDOH.
The Utah Department of Technology Services (DTS) is investigating how many individual Medicaid clients may have been affected and will notify them directly, but they encourage all Medicaid clients to monitor their accounts.
"DTS is conducting an investigation to identify individual Medicaid clients and providers who's protected information may have been compromised," said Tom Hudachko, of the Utah Department of Health. "It is UDOH's priority that, at this time, to notify and assist all of those individuals. In the meantime, the UDOH is advising all Medicaid clients to monitor their credit and keep a close eye on their bank accounts and credit cards."
The hackers are believed to be operating out of Eastern Europe and were able to circumvent the server's multi-layered security system, said the UDOH. The records have been moved to a new server. DTS is reviewing every server in the state to ensure proper security measures are in place, according to a UDOH statement.
The UDOH said they will offer free credit monitoring services to individuals those Social Security numbers were compromised through this incident.
Concerned Medicaid clients can also visit www.health.utah.gov or call 1-800-662-9651 to get more information on additional free resources individuals can take advantage of to protect their credit and their personal information.