The State of California's Department of Health Care Services (DHCS) recently acknowledged that it had mistakenly published thousands of Social Security numbers online for nine days.
"In an exclusive interview with KCRA 3, state officials from the Department of Health Care Services admitted to posting nearly 14,000 Social Security numbers belonging to Medi-Cal providers working for In-Home Supportive Services. ... The confidential information was available on the state's Medi-Cal website for anyone to see for a period of nine days, before the mistake was discovered and the numbers removed," writes KCRA 3's Mike Luery.
"Those affected by the breach began receiving letters from the DHCS this week claiming their name and Social Security number were posted on a 'public website for business purposes,'" writes Threatpost's Christopher Brook. "Along with names and Social Security numbers, users’ provider names, addresses and provider types are also at risk of being exposed in the breach."
"Norman Williams -- deputy director for public affairs at DHCS -- said that the most recent breach was 'inadvertent, and we sincerely regret this has happened,'" California Healthline reports. "He said that the agency is conducting an internal investigation on the matter."