This is bad, as the social security numbers were those of children receiving public assistance. When you look at the cause, it came down to a password installed by a tech that was not strong enough. Not to really get down on the tech here, but hackers today have some pretty sophisticated equipment that goes at rocket speed to try variations of passwords one after another, and it could run for hours until eventually they hit the jackpot by cracking the password(s).
It was not just the credentials that were broken into; the hacker also downloaded a huge number of files, 24k. This was a brand new server, and the hackers appeared to be in eastern Europe based on checking IP addresses. This of course has the entire state IT on watch, and free credit reports will once again be rolling out. As patients we can’t get our own records, but others, including hackers in this instance, sure don’t seem to have a problem. BD
----------------
Utah health officials said Friday that hackers who broke into state computers last weekend stole far more medical records than originally thought, and the data likely includes Social Security numbers of children who have received public assistance.
Approximately 182,000 beneficiaries of Medicaid and the Children's Health Insurance Program had their personal information stolen, and about 25,000 Social Security numbers were compromised, Utah Department of Health officials said.
The information was stolen from a new server at the Health Department, Weiss said. Although the state has multiple layers of security on every server, a technician installed a password that wasn't as secure as needed.
Based on the hacker's IP address, which identifies a computer on the Internet, Utah's recent attack likely came from eastern Europe, Weiss said. Someone started downloading the files Sunday, and the server was taken offline Monday after the state's security software caught the attack.
http://www.businessweek.com/ap/2012-04/D9TVMGA01.htm
That's crazy that they had the whole weekend to download secure files and nobody knew about it. I mean, if something like that happened to one of the clients we manage, heads would fly. I think the security software probably found out and alerted the IT Director right after it started, but he probably was taking a break from technology over the weekend and didn't check his email till Monday. Right?
As far as IPs go, there's no doubt that the hacker was probably using a proxy server.
Too bad we have people in this world that are smart enough to hack but too dumb to use their skills for anything other than crime. Truly a shame.