Wow! This one is going to be huge!

The State of Utah wasn’t “minding the store” and hackers broke into a server and stole the Social Security Numbers of some 280,000 Utahans. They also made off with the less sensitive information (e.g. names & birth date, etc.) of another 500,000 people.

April 9, 2012 – Salt Lake Tribune: Scope of Utah Medicaid data breach explodes

I have been reading more and more lately about the threat of cyber war and how the US is drastically unprepared to defend itself in cyberspace. The article above indicates that they traced the hackers as far as eastern Europe suggesting it has an international flavor. Though Europe may not necessarily be the launching point for the attack there is certainly a nexus of hacking activity originating from the region. One could imagine that perpetrators are linked to organized crime and maybe even backed by a foreign government. It will be interesting to see how this one plays out given that it was aimed at a State agency and the FBI is now involved.

I’m afraid that it will be very difficult for the average person to defend themselves against the types of attacks that may be coming in future cyber war conflicts. The good news is that most of the time people go after the lowest hanging fruit. That means that if you’re smart and take some basic steps there’s a good chance they will move on to easier targets. See our Check List for a quick overview of things you can do to help raise the bar.

Updated May 18, 2012

More than a month later and this hack and the resulting political fall out is still big news here in Utah. My friend Kristen Stewart and others at the Salt Lake Tribune have written a series of articles help people understand what happened and what it means to their private data. I encourage you to read them so that you know what is happening and how your data may have been impacted.

April 10, 2012 – Salt Lake Tribune: Utah Gov. Herbert vows patch Medicaid data breach, restore trust

April 12, 2012 – Salt Lake Tribune: Did Utah’s failure to protect health data violate federal law?

April 26, 2012 – Salt Lake Tribune: Victim of Utah health data breach? You’re not alone

April 13, 2012 – Salt Lake Tribune: Utah Medicaid data breach brings scam warning

May 2, 2012 – Salt Lake Tribune: Utah Health Dept chief: hacked data stored too long

May 14, 2012 – Salt Lake Tribune: Utah hiring crisis team to manage health data breach

May 16, 2012 – Salt Lake Tribune: Utah guv fires tech director over health data breach, creates security czar

Even if you don’t have time to read all these articles you’ll want to at least go here:

and find out if your data was compromised.

 Updated June 17, 2012

Yesterday we learn that a University of Utah Health Law Professor investigates breach and argues that sharing information without notifying patients violates HIPPA law.

June 16, 2012 – Salt Lake Tribune: U. professor takes on hospital in Utah Medicaid breach