April 9, Utah Department of Health – (Utah) Data breach expands to include more victims. The Utah Department of Technology Services (DTS), along with the Utah Department of Health (UDOH) announced April 9 that up to 255,000 additional people had their Social Security numbers listed in data stolen by thieves from a computer server the week of April 2. These latest victims are people whose information was sent to the state by their health care provider through a Medicaid Eligibility Inquiry to determine status as possible Medicaid recipients. The DTS has started identifying additional victims, and the state will send letters directly to them. Some of the 255,000 Social Security numbers were not accompanied by any other identifying information (such as names and addresses), so DTS will likely need to coordinate with other agencies to identify and notify these individuals. As many as 350,000 additional people may have had other, less-sensitive information, such as their names, birth dates, and addresses accessed through eligibility inquiries. These people will also receive a letter alerting them to the situation. However, priority will be placed on alerting those who had their Social Security numbers stolen first. It is now believed that about 280,000 victims had their Social Security numbers stolen, and about 500,000 other victims had less-sensitive personal information stolen.
Ali Loney, on April 09, 2012