A recent cyber attack on the Utah Department of Health, which was initially thought to have provided hackers with access to about 24,000 Medicaid records, is now thought to have affected far more -- approximately 780,000.
"More specifically, the state now says approximately 500,000 victims had sensitive personal information stolen and 280,000 victims had their Social Security numbers (SSNs) compromised," writes ZDNet's Emil Protalinski.
"Stephen Fletcher -- executive director of UDTS -- said it appeared that 'very sophisticated' hackers used passwords to access a server, but officials are uncertain about how the hackers bypassed security," iHealthBeat reports.
"The [Department of Technology Services] has announced they will send letters to each person involved in the breach, yet will stagger sends -- waiting to notify as many as 350,000 victims who had less-sensitive information, like names, addresses and birth dates stolen in the breach -- opting to notify victims who had Social Security numbers stolen first," writes Threatpost's Christopher Brook.
"[Due] to the breach’s scope and potential for harm, the FBI is now investigating," writes The Salt Lake Tribune's Kirsten Stewart. "'Computer intrusions are one of our top priorities,' said Greg Bretzing, assistant special agent in charge of the FBI’s Salt Lake City office."