Northern Alaska Region HIPAA and APIPA Security Breach Notification
June 29, 2018
On April 26th, a DPA computer in the Northern region was infected with a Zeus/Zbot Trojan virus, resulting in breaches of the Health Insurance Portability and Accountability Act (HIPAA) and the Alaska Personal Information Protection Act (APIPA) involving more than 500 individuals. The DHSS security team conducted an investigation which revealed the infected computer accessed sites in Russia, had unauthorized software installed, and other suspicious computer behavior that provided strong indications of a computer infection. The computer had documents including information on pregnancy status, death status, incarceration status, Medicaid/Medicare billing codes, criminal justice, health billing, social security numbers, driver’s license numbers, first and last names, birthdates, phone numbers, and other confidential data. Hackers may have used the infected computer to steal data. Preliminary investigations indicate information potentially accessed from this breach originated in the Northern region.
Upon discovery of these events, the department took immediate action to mitigate further access to the infected computer. The DHSS Information Technology and Security team continues to work quickly to determine the scope of data potentially accessed, and will provide up-to-date information to Alaskans who may have been impacted by this event.
Individuals who have had prior contact with the Division of Public Assistance Northern region should call 888-484-9355 to see if their personal information may have been included in this breach. Updates will also be provided at www.dhss.alaska.gov.
For more information about how to avoid identity theft, go to the Federal Trade Commission’s website IdentityTheft.gov.
Editing by Mary Kauffman, SitNews
Source of News:
Representations of fact and opinions in comments posted are solely those of the individual posters and do not represent the opinions of Sitnews.