Hackers believed to be operating out of Eastern Europe gained access to around 24,000 Medicaid claims housed on a Utah Technology Services Department server, according to the state's health department.
The Utah Health Department stated in a news release that the state's tech services department, which operates the server containing the Medicaid claims, gave notice of the breach on Monday evening. The breach itself appears to have occurred Friday, according to the release.
Accessed records—based on the types of data stored on similar servers—may have included recipients' names, addresses, dates of birth, Social Security numbers and procedure codes as well as their physicians' names, addresses and tax and national provider identification numbers.
The Utah tech services department had recently moved the claims records to a new server, and hackers apparently "were able to circumvent the server's multilayered security system," the health department's release said.