Medicaid hack update: 500,000 records and 280,000 SSNs stolen

Utah’s Medicaid hack estimate has grown a second time. This time we have gone from over 180,000 Medicaid and Children’s Health Insurance Plan (CHIP) recipients having their personal information stolen to a grand total of 780,000 affected. More specifically, the state now says approximately 500,000 victims had sensitive personal information stolen and 280,000 victims had their Social Security numbers (SSNs) compromised.

You may be a victim if: a) your information was sent to the state by your health care provider in a transaction called a Medicaid Eligibility Inquiry to determine your status as possible Medicaid recipients or b) you have visited a health care provider in the past four months. You should contact your health care provider especially if you are a Medicaid or CHIP recipient, but also if you are not, since the state believes individuals whose health care providers are unsure as to their status as Medicaid recipients could be victims.

All Medicaid clients are being advised to monitor their credit and bank accounts. If you think you may be a victim, place either a freeze or a fraud alert on your personal credit file with the nation’s three credit bureaus, to help protect your identity and your financial information. More details are available at this webpage: Utah’s Identity Theft Solution.

Last but not least, do not provide any information to telephone or e-mail contacts who claim to be from the state. Scammers may attempt to reach victims and you should not believe anyone who contacts you asking for personal details.

This all started on April 2, when the Utah Department of Technology Services (DTS) notified the Utah Department of Health (UDOH) the server that houses Medicaid claims was hacked. On April 4, the UDOH publicly announced the breach, quoting the DTS which said information was accessed from approximately 24,000 claims.

Unfortunately, it turned out the hackers had made off with 24,000 files, and one single file can potentially contain claims information on hundreds of individuals. This is why on April 6, the DTS confirmed the number of Medicaid clients affected was actually 181,604. Of those, 25,096 appear had their Social Security numbers (SSNs) compromised. Now on April 9 (today), DTS updated the total to 780,000 victims, with some having just their personal information stolen, some having just their SSNs compromised, and the rest having both pilfered.

Read the full article Here.