Quantcast
Get breaking news alerts via email

Click here to manage your alerts
Utah data breach victims still eligible for protection
Health » State extends deadline to register for free credit monitoring until Sept. 30.
First Published Sep 11 2012 11:28 am • Last Updated Dec 25 2012 11:32 pm

Utahns whose Social Security numbers were compromised last March when hackers broke into a poorly protected state server now have until Sept. 30 to register for free credit monitoring.

The Utah Department of Health extended the deadline hoping to reach a greater share of breach victims.

At a glance

Protect yourself

Call the Utah Department of Health’s 24-hour hot­line at 1-855-238-3339 or visit the virtual Data Breach Solution center. > health.utah.gov/databreach

Join the Discussion
Post a Comment

State officials have mailed letters, fielded questions on a 24-hour hotline and crisscrossed the state in an effort to alert the 780,000 Utahns whose personal information was put at risk. Of those, 255,000 had their Social Security numbers exposed —the group eligible for a year of credit monitoring and fraud insurance.

But to date, only 20 percent have taken the state up on its offer, said Utah’s Data Security Ombudsman Sheila Walsh-McDonald.

"It’s very important that as many people as possible take the opportunity to protect themselves by signing up for credit monitoring. It’s simple, it takes less than 10 minutes, and costs nothing to those whose Social Security numbers were breached," she said.

The breach happened last March when hackers, purportedly based in Eastern Europe, broke into a Department of Technology Services server that had been mistakenly placed online with a factory password. The server contained the names, addresses and other personal information — in some cases, medical diagnoses — of Medicaid recipients, privately insured Utahns, retirees on Medicare and the uninsured.

About half of those with exposed Social Security numbers were on Medicaid; the other half had no history with the low-income health program.

The two groups have signed up for protections in equal numbers, said Walsh-McDonald. "I feel like I’m hearing from a very mixed population of families," she said. "Parents with children on Medicaid who were affected are as being as proactive as those who have no connection to Medicaid. I’m just surprised how few people have signed up."

Walsh-McDonald just wrapped up a statewide tour where about 260 breach victims were able to meet one-on-one with state officials.

Most voiced concern that a year’s worth of protection isn’t long enough, she said.


story continues below
story continues below

There are currently no plans to extend the length of credit monitoring, though the issue could surface at the Legislature this winter.

A lot depends on the results of two audits of the state’s servers and security protocols, Walsh-McDonald said.

Federal Health and Human Services officials are also investigating the breach and yet to issue findings or penalties. The FBI is handling the criminal investigation and could not be reached for an update.

Health officials, however, have no reason to believe that anyone’s information has been misused, said health department spokesman Tom Hudachko.

Those who aren’t sure if they were swept up in the breach can still call the state’s hotline at 1-855-238-3339. Information is also available in English and Spanish at http://health.utah.gov/databreach/.

kstewart@sltrib.com



Copyright 2014 The Salt Lake Tribune. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Top Reader Comments Read All Comments Post a Comment
Click here to read all comments   Click here to post a comment


About Reader Comments


Reader comments on sltrib.com are the opinions of the writer, not The Salt Lake Tribune. We will delete comments containing obscenities, personal attacks and inappropriate or offensive remarks. Flagrant or repeat violators will be banned. If you see an objectionable comment, please alert us by clicking the arrow on the upper right side of the comment and selecting "Flag comment as inappropriate". If you've recently registered with Disqus or aren't seeing your comments immediately, you may need to verify your email address. To do so, visit disqus.com/account.
See more about comments here.
Staying Connected
Videos
Jobs
Contests and Promotions
  • Search Obituaries
  • Place an Obituary

  • Search Cars
  • Search Homes
  • Search Jobs
  • Search Marketplace
  • Search Legal Notices

  • Other Services
  • Advertise With Us
  • Subscribe to the Newspaper
  • Access your e-Edition
  • Frequently Asked Questions
  • Contact a newsroom staff member
  • Access the Trib Archives
  • Privacy Policy
  • Missing your paper? Need to place your paper on vacation hold? For this and any other subscription related needs, click here or call 801.204.6100.