Missouri Dept of Social Services, Medicaid, and University of Missouri Breach
Date: May, 2023Missouri recently suffered data breaches impacting the Medicaid program through the Department of Social Services, and students and staff at the University of Missouri. Each of these programs involves thousands of people, and local Missouri residents should be aware of how the breach occurred and how it might affect them.
What Was the Breach?
- Social Security Numbers
- First and Last Names
- Birth Dates
- Medical Information
- Financial Information
- Home Addresses
How Did the Breach Occur?
The Medicaid and university breaches occurred because hackers identified a security vulnerability in a file-transfer tool called MOVEit. The tool is meant to protect government and other confidential files when they're being transferred between organizations. Unfortunately, the C10p ransomware gang learned of an exploit that enabled them to access and download every one of the files connected to the software by the organization using it. This vulnerability enabled the gang to steal files from Missouri's Medicaid program, as well as from the University of Missouri. More than 600 organizations were impacted by this breach overall.
When Did This Breach Occur?
The creators of MOVEit announced the existence of the vulnerability and some of the breaches that occurred on May 31. It's suspected that these breaches occurred around the end of May for that reason, but a specific date is not known.
Who Does the Breach Impact?
The Medicaid breach impacts low-income Missouri residents, while the University of Missouri breach may impact students and faculty at the school. Anyone who believes their data may have been exposed by these breaches should wait for a letter to come in the mail notifying them of the breach. Even if you don't receive a letter, it's a good idea to check your credit for any unexpected changes that could be related to identity theft attacks.
How Many Files Does the Breach Affect?
We don't have a file count for the Medicaid or University of Missouri file breaches. We suspect thousands of documents were taken in these attacks, but even a few stolen files can do serious harm.
Recent Breaches
Cisco Duo Breach
Cisco Duo is an access security provider that offers solutions for small business and commercial control products, including multi-factor authentication (MFA), single sign-on, and access control services....
AT&T Breach
American Telephone and Telegraph Company (AT&T) is the fourth-largest telecommunications provider, behind Verizon, Comcast, and China’s state-funded communications solution...
Fujitsu Limited Breach
Fujitsu Limited is the world’s sixth-largest IT service provider. Based in the Minato City ward of Tokyo, Japan, Fujitsu offers various technology solutions for personal and commercial use...
Cybersecurity and Infrastructure Security Agency Breach
The CISA collaborates with other government agencies to notify victims of breaches and respond to threats. These include the Federal Bureau of Investigation, the Multi-State Information Sharing & Analysis...
Roku Inc. Breach
Roku is a global streaming and entertainment organization. It offers solutions for direct streaming, live channels, music, niche channel entertainment, smart home devices, travel technology, audio options,...