Montana

Montana Health Department hacked

July 8th, 2014

Montana Department of Public Health and Human Services is notifying public program clients and employees about data breach due to recent incident of server hacking. Montana hired an investigator and confirmed that their server was inappropriately accessed. The server had sensitive information which included state public assistance data such as food stamps, welfare payments, Medicaid, home heating aid and child-care assistance, birth records and some state employee information. It was also found out that there may have been clients’ names, addresses, birth dates, Social Security numbers and health records.

As protected health information (PHI) was involved in this breach, Montana may initiate conversation with the Department of Health and Human Services (HHS). Montana’s state CIO, Ron Baldwin, told the Gazette that this was a first-time breach and that an outsider found a software vulnerability prior to the department being able to patch it, leading to the server hack. “This is not unique to Montana, it’s not unique to state government,” he said. “All states, all major businesses are experiencing these (attempts) every day, every month, every year … and they come from all over the world.”

Montana Department of Public Health and Human Services director Richard Opper suggested that the hackers may have been involved with trading Bitcoins in some form. “Out of an abundance of caution, we are taking the necessary steps to reach out to those whose information may have been stored in the server,” he said to the Gazette. “DPHHS is committed to answering questions clients and employees may have, and to help them take advantage of services we are offering.”

 

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Breach count reaches to 1.3 million for Montana DPHHS

June 22nd, 2014

(DPHHS) have faced one of the largest HIPAA breaches in terms of number of affected patients. Total count stands at 1.3 million due to server hack of DPHHS. Information is not available whether the hackers used patient data maliciously or accessed it while on the server.

According to Montana, Server has the sensitive information which has patient demographic information, including names, addresses, dates of birth, and Social Security numbers. Also some records may have information regarding DPHHS services clients applied for and/or received, such as health assessments, diagnoses, treatment, health condition, prescriptions, and insurance. The incident extent came to light when DPHSS hired an investigator to know extent of breach.

“Out of an abundance of caution, we are notifying those whose personal information could have been on the server,” said DPHHS Director Richard Opper. “Again, we have no reports, nor do we have any evidence that anyone’s information was used in any way, or even accessed.”

Earlier Unknown computer hackers used malware to gain entry to a DPHHS server containing client and agency employee personal information. According to the reports, this incident should not impact DPHHS services as none of the information contained on the server was lost and has complete back-up of the information.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Montana Health Department hacked

June 7th, 2014

Montana Department of Public Health and Human Services is notifying public program clients and employees about data breach due to recent incident of server hacking. Montana hired an investigator and confirmed that their server was inappropriately accessed. The server had sensitive information which included state public assistance data such as food stamps, welfare payments, Medicaid, home heating aid and child-care assistance, birth records and some state employee information. It was also found out that there may have been clients’ names, addresses, birth dates, Social Security numbers and healt

As protected health information (PHI) was involved in this breach, Montana may initiate conversation with the Department of Health and Human Services (HHS). Montana’s state CIO, Ron Baldwin, told the Gazette that this was a first-time breach and that an outsider found a software vulnerability prior to the department being able to patch it, leading to the server hack. “This is not unique to Montana, it’s not unique to state government,” he said. “All states, all major businesses are experiencing these (attempts) every day, every month, every year … and they come from all over the world.”

Montana Department of Public Health and Human Services director Richard Opper suggested that the hackers may have been involved with trading Bitcoins in some form. “Out of an abundance of caution, we are taking the necessary steps to reach out to those whose information may have been stored in the server,” he said to the Gazette. “DPHHS is committed to answering questions clients and employees may have, and to help them take advantage of services we are offering.”

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Mental Health Treatment Organization health data exposed

March 8th, 2014

Community Based Services On-Call Binder of Yellowstone Boys and Girls Ranch (YBGR) in Montana was lost or destroyed. Organization printed legal notice in the news paper informing clients of the breach.

Binder contained Protected Health Information (PHI) from clients, including names, addresses, dates of birth, parents’ names, and program and treatment professionals’ information. Financial information and Social Security number was not present in the binder.

YBGR has stopped using binders after the incident. It has notified the clients for same. New process is followed were staff members must use a new on-call system or visit a ranch office to receive information. YBGR is in the process of implementing new electronic record system to ensure security of the sensitive information. It has notified the customers to monitor credit reports. They are also advised to inform Federal Trade Commission (FTC) for any suspicious activity.

“We want to make sure that if there’s any trust lost with any of our families, with any of the people we work with, we want to regain that,” said Shawn Byrne, YBGR’s chief operating officer for community-based services.

In its public notice YBGR mentioned,

We conducted an extensive investigation and determined that the Binder was either destroyed or misplaced sometime during the summer of 2013.

YBGR has no reason to believe that any personal information was accessed or used inappropriately and we believe that the likelihood of such misuse is low. Nonetheless, out of abundance of caution, and in accordance with federal law, we are providing the media with notice of this incident, in addition to individualized notice to every client who might have been affected so that our clients might take steps to protect themselves from potential harm resulting from this incident.

Alertsec strengthens security

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Enhanced by Zemanta