Health and other information for more than 1,000 Kentucky Medicaid beneficiaries may have been compromised as part of a computer scam, the state said Friday.
Kentucky's Cabinet for Health and Family Services said 1,090 Medicaid beneficiaries will receive a letter notifying them of a data breach that occurred in mid-November. The data included Social Security numbers for about half of the beneficiaries.
The state agency traced the breach to Hewlett-Packard Enterprise Services, the vendor that oversees the Medicaid information management system. CFHS said in a news release
that an employee of Carewise Health, an HP subcontractor, responded to a telephone scam that gave remote access to a computer containing the beneficiaries' information.
The computer was disabled after the breach was reported, and the agency said scams of this nature typically involve charging people for unwanted computer services.
HP will provide free credit monitoring to affected individuals to monitor for identity theft.
The largest hacker attack on Medicaid beneficiary data
occurred in Utah in March. Utah's Department of Technology Services notified 780,000 people that their data, including Social Security numbers for as many as 280,000 individuals, had been compromised.
Utah officials in April said the hack was likely the work of operatives in Eastern Europe but did not at the time supply a reason it was targeted.