Utah insurance exchange hacked

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.clinical-innovation.com/index.php?option=com_articles&view=article&id=35162

By Beth Walsh
Clinical-Innovation.com
September 16, 2012

The Utah Health Exchange, a state insurance exchange whose development 
started several years before the healthcare reform law mandated exchanges, 
was recently hacked, with words garbled, headlines blurred and some pages 
inaccessible.

The Salt Lake Tribune reported on the hacking and said the site was down 
for about 10 days. Protected health information is on a separate secure 
site and was not affected.

The state's Department of Technology services maintains the breached site 
and also was responsible for the comprehensive hacking of Medicaid data in 
March. Protected health information was compromised for 780,000 
individuals, including up to 280,000 Social Security numbers.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.