Health department breach impacts 780K Medicaid patients

In what sounds like the plot of a Robert Ludlum novel, Eastern European hackers are suspected of breaching more than 780,000 Medicaid files from the Utah Department of Health. Officials from the state's health department believe the hack--which occurred last Friday--was possible because state employees failed to shore up security on a single computer server, according to an article in the Salt Lake Tribune.

Health department spokesman Tom Hudachko told the Tribune the total could actually be much higher. He also told Reuters that the hack has been "narrowed down" to a couple of countries.

Utah currently serves roughly 260,000 Medicaid clients, according to the Tribune. The Utah Health Policy Project, an organization that advocates for those clients, wasn't informed of the breach by the state's health department, executive director Judi Hilman told the Tribune.

"We were not notified, which really bothers me," Hilman said. "An incident like this detracts from [a] sense of safety.

The files likely included Social Security numbers, birth dates, addresses and health conditions, according to the Tribune.

Meanwhile, the potential for breached Medicaid client Social Security numbers led to the abrupt end of an inmate employment program in Maryland last month. The state's Department of Health and Mental Hygiene had been using inmate labor to enter Medicaid reimbursement claims--that sometimes included Social Security numbers--into a database, CorrectionalNews reported.

To learn more:
- here's the Salt Lake Tribune article
- read the Reuters piece
- check out the CorrectionalNews coverage