Montana data breach exposes 1.3 million personal records
The exposed data included health assessments, prescriptions and diagnoses for some residents
IDG News Service - Up to 1.3 million records, including health care and bank account information, may have been exposed after a server at Montana's public health department was hacked in May, the state said Tuesday.
The server, which belonged to the Department of Public Health and Human Services, was shut down on May 22, a week after suspicious activity was noticed and an independent forensic investigation began, according to a news release.
The state said it has no knowledge if data on the server was inappropriately used or accessed. The data was backed up.
The server held information such as names, addresses, birth dates and Social Security numbers for services citizens had applied for or received. For some people, the information may have included data on health assessments, diagnoses, treatment, health condition, prescriptions and insurance, the state said.
Birth and death records, part of the state's Vital Statistics database, were also on the server.
Contractors as well as current and former employees of the department may have been affected. The server contained their names, addresses, birth dates, Social Security numbers along with bank account information and dates of service, the state said.
Those affected are being contacted by the department and will be offered free credit monitoring, according to a statement.
Montana had upgraded its property insurance policy last year to include coverage for data security incidents. The $2 million policy will cover costs such as setting up a toll-free help line, free credit monitoring and mailing notification letters, the state said.
The policy should cover the "majority" of costs for this incident, it said.
The state said it has since restored the affected systems and added additional security software "to better protect sensitive information on existing servers."
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts