Theft of Medicaid data in Utah may have been joint effort between hackers, insiders

Dark Reading Staff, Dark Reading

April 10, 2012

2 Min Read

The number of Utah citizens affected by a data breach that occurred last week has grown from an initially reported 24,000 to a currently reported 780,000, according to news reports.

A new report from Utah newspaper Deseret News says Utah government officials now estimate that some 280,000 people had their Social Security numbers stolen, and some 500,000 had less sensitive data compromised.

The victims are likely to be people who visited health care providers in the past four months. Many are children who are enrolled in Children's Health Insurance Program or Medicaid, although adults are also victims, officials said.

The reports do not say how the data was stolen, but officials say that the attack has been traced to hackers in eastern Europe. But officials are also investigating employees who were known to be present during the hours of the attack.

State officials offered some details on the nature of their security defenses. Mike Lloyd, CTO at RedSeal Networks, said that based on those reports, the Utah security architecture may be prone to human error.

"They called out five distinct types of protections," Lloyd notes. "This is typical; today’s IT infrastructure is highly complex, and the defenses built into the infrastructure are every bit as complex. Unfortunately, humans don’t handle complexity well -- it’s extremely difficult to consistently follow even basic, well-established guidelines in an infrastructure that’s large, complex, and rapidly moving."

Some security processes need to be automated, Lloyd suggests. "People cannot scale to the challenge of identifying all possible cross-combinations of factors that can permit a breach such as [Utah's]," he said. "We have to deploy computers to validate that we follow our own rules, consistently, throughout our own infrastructure. So long as we rely on human effort, breaches of this sort will continue."

Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights