Recently I provided Howard Anderson at HealthInfosecurity.com with some of my thoughts about the recent Utah Department of Health breach of the files of 900,000 individuals, and counting.
He included some of my thoughts in his blog post, along with thoughts from others. I wanted to provide my full reply here, along with some expanded thoughts.
As background, for those of you who may not have heard of this hack yet, in a nutshell:
The data breach occurred on March 30. A configuration error occurred at the password authentication level. This allowed hacker(s), located in Eastern Europe, to obtain files containing sensitive information by circumventing the Utah Department of Technology Services’ (DTS’s) security system.
The files were stored on a server that contained Medicaid information at DTS.
Reference:
No comments:
Post a Comment