The Idaho DHW Was Breached, Exposing Thousands of Medicaid Patients
Table of Contents
- By Steven
- Published: Jun 23, 2023
- Last Updated: Nov 23, 2023
The Idaho Department of Health and Welfare is a government organization that offers free or low-cost services to Idaho citizens to provide for their health and well-being. This includes things like Medicaid, food programs, and more. The organization is a government agency that manages a huge amount of data for different people. That data could be harmful if gathered by a dangerous individual, which is why it's upsetting to learn that the agency just suffered from a data breach that exposed thousands of citizens.
How Did the Attack Occur?
The attack on the Idaho Department of Health and Welfare (DHW) focused on breaking into a single Medicaid healthcare provider's records and accessing that information. Once inside the system, the hacker gained access to personal and health information for more than 2,501 patients. The data taken from these individuals could result in identity theft and for other types of cyber attacks. The attack occurred on April 18, 2023. The department quickly cut access to its files from the hacker and contacted the FBI for help. Security experts spent the next few months digging through the details of this attack identifying the likely information involved as well as potential victims.
What Information Was Viewed or Stolen?
This DHW cyber attack gave the attacker access to billing codes, member identification numbers, dates of medical services, and the individual first and last names involved. This is the data that we know was available during the data breach. It's possible that additional information was also taken that officials don't yet know about, though a thorough investigation was completed on the breach.
How Did DHW Admit to the Breach?
The Idaho Department of Health and Welfare sent out individual notices to everyone believed to be involved on June 9, 2023. These letters explain what information was involved as well as the potential problems and how to protect yourself. If you get one of these notices, you have access to credit monitoring that you should utilize.
What Will Become of the Stolen Information?
There's no way to know how the stolen information will be used. The attacker could launch identity theft attacks, use the data for phishing attacks and leverage the information to earn money from the victims. If this is how the attacker uses the data, the people involved could suffer credit damage, lose access to their accounts, and more.
What Should Affected Parties Do in the Aftermath of the Breach?
If you receive a notice informing you your data was involved in this breach, take advantage of the free credit monitoring and identity theft services being provided. You'll have one year of protection with help from these services, which will keep you safer over time and help you avoid common problems that might result from the breach. It's also advisable to avoid giving away personal information via SMS, email, or even over the phone. Don't give your data away to people you don't know and trust, and you should have fewer problems with identity theft.
