Alaskan officials have upped their tally of individuals likely affected in a June 2018 data breach at the state's health department from 501 victims to 700,000, HealthcareInfoSecurity reports.
Five things to know:
1. The Alaska Department of Health and Social Services reported a data breach to HHS' Office for Civil Rights June 28, 2018. At the time, the department said 501 individuals' data had been compromised in an incident described as "hacking/IT."
2. During the breach, a trojan virus had infected one of the department's computers. The breached computer contained documents including information on residents' pregnancy status, incarceration status, Medicaid/Medicare billing codes, criminal justice history, health billing, Social Security numbers, driver's license numbers, first and last names, birthdates, phone numbers, and other confidential data, according to a statement DHSS issued in June.
3. In June, the department acknowledged that the breach may have affected 500,000 to 700,000 individuals, but reported the victim tally as 501 because it could not confirm actual figures.
"The delay in notifying individuals was largely due to the volume of analysis conducted," Shawnda O'Brien, director of the state's Division of Public Assistance, told KTVA Jan. 22. "The department was able to partner with the FBI to do the forensic analysis of the machine's hard drive to get better detail on what the virus was able to access. It took several months and there were further delays because of the earthquake and staffing changes in the agency. The intent was to get notification out much earlier."
4. The department began mailing notification letters to the additional individuals Jan. 22.
5. In response to the breach, DHSS has enhanced its security protocols and policies to ensure all department devices are equipped with the most up-to-date virus protection software.