/

What happened in the Medicaid data breach?

What happened in the Medicaid data breach?

Twingate Team

May 23, 2024

In April 2012, hackers operating out of Eastern Europe targeted the Utah Health Department, resulting in a data breach involving Medicaid claimants' Social Security numbers. The breach exposed vulnerabilities in server security and highlighted the need for stronger protection measures for sensitive information.

How many accounts were compromised?

The breach compromised data for approximately 780,000 users.

What data was leaked?

The data exposed in the breach included sensitive information such as Social Security numbers, Medicaid claimant details, email addresses, employers, geographic locations, job titles, names, phone numbers, and social media profiles.

How was Medicaid hacked?

Hackers operating out of Eastern Europe exploited a security vulnerability in the MOVEit software, a third-party application used for transferring files during the Medicare appeals process. They gained unauthorized access to files across various organizations in both government and private sectors, compromising sensitive information of Medicaid claimants.

Medicaid's solution

In response to the hack, Medicaid implemented enhanced security measures to protect sensitive information and prevent future incidents. These measures included initiating an investigation, taking the MOVEit application offline, applying software patches, and notifying law enforcement. Affected individuals were notified of the breach and offered free credit monitoring services for 24 months, as well as guidance on obtaining a new Medicare card with a new number if necessary.

How do I know if I was affected?

Medicaid notified affected users about the breach. If you were a Medicaid claimant during the time of the breach and did not receive a notification, you can visit Have I Been Pwned to check if your credentials were affected.

What should affected users do?

In general, affected users should:

  1. Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  3. Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

For more specific help and instructions regarding Medicaid's data breach, please contact NC Medicaid's support directly.

Where can I go to learn more?

If you want to find more information on the Medicaid data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

What happened in the Medicaid data breach?

What happened in the Medicaid data breach?

Twingate Team

May 23, 2024

In April 2012, hackers operating out of Eastern Europe targeted the Utah Health Department, resulting in a data breach involving Medicaid claimants' Social Security numbers. The breach exposed vulnerabilities in server security and highlighted the need for stronger protection measures for sensitive information.

How many accounts were compromised?

The breach compromised data for approximately 780,000 users.

What data was leaked?

The data exposed in the breach included sensitive information such as Social Security numbers, Medicaid claimant details, email addresses, employers, geographic locations, job titles, names, phone numbers, and social media profiles.

How was Medicaid hacked?

Hackers operating out of Eastern Europe exploited a security vulnerability in the MOVEit software, a third-party application used for transferring files during the Medicare appeals process. They gained unauthorized access to files across various organizations in both government and private sectors, compromising sensitive information of Medicaid claimants.

Medicaid's solution

In response to the hack, Medicaid implemented enhanced security measures to protect sensitive information and prevent future incidents. These measures included initiating an investigation, taking the MOVEit application offline, applying software patches, and notifying law enforcement. Affected individuals were notified of the breach and offered free credit monitoring services for 24 months, as well as guidance on obtaining a new Medicare card with a new number if necessary.

How do I know if I was affected?

Medicaid notified affected users about the breach. If you were a Medicaid claimant during the time of the breach and did not receive a notification, you can visit Have I Been Pwned to check if your credentials were affected.

What should affected users do?

In general, affected users should:

  1. Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  3. Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

For more specific help and instructions regarding Medicaid's data breach, please contact NC Medicaid's support directly.

Where can I go to learn more?

If you want to find more information on the Medicaid data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

What happened in the Medicaid data breach?

Twingate Team

May 23, 2024

In April 2012, hackers operating out of Eastern Europe targeted the Utah Health Department, resulting in a data breach involving Medicaid claimants' Social Security numbers. The breach exposed vulnerabilities in server security and highlighted the need for stronger protection measures for sensitive information.

How many accounts were compromised?

The breach compromised data for approximately 780,000 users.

What data was leaked?

The data exposed in the breach included sensitive information such as Social Security numbers, Medicaid claimant details, email addresses, employers, geographic locations, job titles, names, phone numbers, and social media profiles.

How was Medicaid hacked?

Hackers operating out of Eastern Europe exploited a security vulnerability in the MOVEit software, a third-party application used for transferring files during the Medicare appeals process. They gained unauthorized access to files across various organizations in both government and private sectors, compromising sensitive information of Medicaid claimants.

Medicaid's solution

In response to the hack, Medicaid implemented enhanced security measures to protect sensitive information and prevent future incidents. These measures included initiating an investigation, taking the MOVEit application offline, applying software patches, and notifying law enforcement. Affected individuals were notified of the breach and offered free credit monitoring services for 24 months, as well as guidance on obtaining a new Medicare card with a new number if necessary.

How do I know if I was affected?

Medicaid notified affected users about the breach. If you were a Medicaid claimant during the time of the breach and did not receive a notification, you can visit Have I Been Pwned to check if your credentials were affected.

What should affected users do?

In general, affected users should:

  1. Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  3. Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

For more specific help and instructions regarding Medicaid's data breach, please contact NC Medicaid's support directly.

Where can I go to learn more?

If you want to find more information on the Medicaid data breach, check out the following news articles: