BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

State Health Department Falls Victim To Hackers

From: Erica Absetz <erica () riskbasedsecurity com>
Date: Wed, 3 Jul 2013 15:00:33 -0500
http://detroit.cbslocal.com/2013/07/02/state-health-department-falls-victim-to-hackers/

LANSING (WWJ) - The Michigan Department of Community Health has fallen
victim to hackers.

The state has sent out letters warning residents that computers
hosting the Michigan Cancer Consortium website were accessed by
hackers, breaching the files of nearly 50,000 people — including the
files of WWJ Newsradio 950′s Stephanie Davis.

MDCH spokesperson Angela Minicuci says these are not medical records.

“They were reports that contained information about individuals such
as their names, birth dates and social security numbers. And then it
included with that, testing results and testing dates,” Minicuci said.
“It did not include any address or identifiable contact information
because, again, these are not medical records — they were simply
testing reports.”

Minicuci said the department has removed its files from the hacked server.

“Once we detected that this breach took place, all of the reports were
removed from this website and are now only hosted on an MDCH secure
server, so there’s no way that they can be accessed going forward,”
she said. “And now, being that the reports have been removed, we’ve
corrected the issue.”

Minicuci said they have not had any reports of identity theft as a
result of the breach, but she suggest people who received the letter
from the state file a fraud alert with the three credit bureaus.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss-discuss

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.
Previous By Date Next
Previous By Thread Next

Current thread: