Montana data breach exposes 1.3 million personal records
The exposed data included health assessments, prescriptions and diagnoses for some residents
IDG News Service - Up to 1.3 million records, including health care and bank account information, may have been exposed after a server at Montana's public health department was hacked in May, the state said Tuesday.
The server, which belonged to the Department of Public Health and Human Services, was shut down on May 22, a week after suspicious activity was noticed and an independent forensic investigation began, according to a news release.
The state said it has no knowledge if data on the server was inappropriately used or accessed. The data was backed up.
The server held information such as names, addresses, birth dates and Social Security numbers for services citizens had applied for or received. For some people, the information may have included data on health assessments, diagnoses, treatment, health condition, prescriptions and insurance, the state said.
Birth and death records, part of the state's Vital Statistics database, were also on the server.
Contractors as well as current and former employees of the department may have been affected. The server contained their names, addresses, birth dates, Social Security numbers along with bank account information and dates of service, the state said.
Those affected are being contacted by the department and will be offered free credit monitoring, according to a statement.
Montana had upgraded its property insurance policy last year to include coverage for data security incidents. The $2 million policy will cover costs such as setting up a toll-free help line, free credit monitoring and mailing notification letters, the state said.
The policy should cover the "majority" of costs for this incident, it said.
The state said it has since restored the affected systems and added additional security software "to better protect sensitive information on existing servers."
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk
- Cybersecurity for Dummies eBook This book provides an in-depth examination of real-world attacks and APTs, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and...
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- The Threat Landscape Hardly a day goes by without the discovery of a new cyberthreat somewhere in the world! But how do you keep up with...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to... All Cybercrime and Hacking White Papers | Webcasts