Department of Health and Social Services data breach, dating back in Spring 2018, is announced with more victims
It seems that an infamous Zeus virus, apparently relaunched by Russian attackers, impacted more than 100 000 households in Alaska in April 2018. As the Department of Health and Social Services has reported, the affected ones include the users of the Division of Public Assistance programs, including such programs as Medicaid and SNAP.
The director of the Division of Public Assistance, Shawnda O'Brien, stated in her report:
I think it is important to reassure folks that every step that we can possibly take to prevent this kind of happening has been put in place, but unfortunately, there are some viruses we just aren't able to be prepared for.
At first, it was believed that the breach affected only 500 Alaska citizens, but the attack was examined more thoroughly and new findings were made. Further investigations of the State of Alaska, Office of Information Technology and the FBI have revealed that the attack is related to the Russian attacker who was relying on Russia-based IP addresses while interacting with infected computers during the crime.
The virus bypassed several security layers and targeted the main computer used for storing confidential documents related to the clients. Unfortunately, the hacker managed to take over people's names, social security numbers, birth dates, addresses, information about patients' health, benefits, and income.
The suspected breach was first reported in June 2018
DHSS notified its users about the breach publicly back in June 2018. The message stated about the cyber attack that took the place on April 26, when the computer belonging to the Department of Public Assitance was infected with the Zeus virus. The infection was discovered four days later and was believed to impact no more than 500 Alaskans.
When DHSS went public, it was reported that data was taken from the Division of Public Assitance and applicants of the following programs got affected:
- Senior benefits related to Medicaid;
- Disabilities related to Medicaid;
- Adult public assistance;
- other PII.
DHSS was also been dealing with the trojan attack back in 2017
The Russian-based Trojan attack in 2018 was not the first cyber attack on the Department of Health and Social Services. Back in July 2017, two computers were affected by trojans that led to a data breach involving various information about patients.
On July 5 and July 8, malware got into the system by hiding the malicious purpose behind legitimate software. During the attack, various family case files, personal information, health details were potentially accessed. It affected drives which contained the Office of Children's Services. At the time, DHSS officials stated:
Upon discovery of these events, the department took immediate action to mitigate further access to the infected computers. The DHSS Information Technology and Security team continues to work quickly to determine the scope of data potentially accessed