The server contained client information including names, addresses, birthdates, Social Security numbers, dates of service and clinical information.
It also held DPHHS employee payroll information including names, Social Security numbers and bank account information.
DPHHS officials detected suspicious activity on May 15, 2014, and ordered an independent forensic investigation. The investigation determined on May 22, 2014 that the server had been hacked, and that the breach likely began in July 2013, though there's no indication that any information on the server was actually accessed.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
State CIO Ron Baldwin told the Billings Gazette that the breach occurred due to a security flaw in third-party software used by the department -- the hackers accessed the server before the vulnerability was patched.
"Out of an abundance of caution, we are taking the necessary steps to reach out to those whose information may have been stored on the server," DPHHS director Richard Opper said in a statement. "We apologize for the stress this announcement is going to cause. DPHHS is committed to answering questions clients and employees may have and to help them to take advantage of the services we are offering."
All those affected are being notified by mail, and will be offered free access to credit monitoring services. Clients and employees with questions are advised to contact (800) 809-2956.