As the ombudsman recently appointed by Gov. Gary Herbert to oversee the health data breach, I am very concerned about the significant number of people who possibly had their Social Security numbers compromised but have not signed up for the help being offered by the Utah Department of Health.
In early April, the department began notifying breach victims and offered free credit monitoring services through Experian, one of the three major credit reporting agencies and a global leader in credit monitoring.
Despite the department's extensive efforts to reach out to all potential victims, only about 20 percent have enrolled. People who received a letter notifying them that their Social Security number was potentially compromised, but who have not activated their free credit monitoring, are running out of time to do so.
Signing up is easy. You can do it online or by phone, and the process only takes about 10 minutes. The enrollment deadline is Sept. 30.
For those unsure of whether or not their Social Security number may have been included in the breached data, or if you have lost or discarded your letter, please call the 24-hour information hotline at 1-888-238-3339. If you or a family member's Social Security number was breached, staff will ask you for critical information and you will be sent a notification letter explaining the breach and outlining important steps to protect your credit.
Credit monitoring will help detect possible misuse of your personal information and provide identity protection services focused on immediate identification and resolution of identity theft. Your credit report will be monitored daily for 50 leading indicators of identity theft. You will also receive timely credit alerts on any key changes in your credit report, which could include new inquiries from lenders, applications for new credit accounts, medical collections and changes to public records.
Since my appointment, I have received many calls, letters and emails from breach victims. Victims are appropriately angry that sensitive information they worked hard to protect was compromised.
In the earnest effort to notify and protect breach victims quickly, the state provided one year of credit monitoring, an industry standard for such situations. Some remain concerned that may not be long enough, but the governor's office and the Legislature will continue to weigh if the length of time is appropriate. We know of no misuse from compromised data that has impacted breach victims. The state has launched an in-depth investigation of this specific incident and a comprehensive review of all data systems across state agencies to ensure all that can be done is being done to safeguard data and identity.
For more information on the breach, visit our website at health.utah.gov/databreach. It is available in Spanish. Please check to see if you or your family member's information was potentially compromised.