Nearly 750,000 Citizens' Data Improperly Accessed

Exploit: Misconfiguration
Company: Indiana Department of Health
Industry: Government, Healthcare
Sources: https://www.wowo.com/personal-data-of-nearly-750000-hoosiers-accessed-improperly/

In what state officials are deeming to have been a low-risk data breach, the Indiana Department of Health is notifying affected individuals that data from the state’s COVID-19 online contact tracing survey was improperly accessed.

The incident occurred when a 3rd party company, who was looking to provide security-based services to the agency, accessed the information. The Department was immediately informed, and a “certificate of destruction” was signed to confirm the data had not been copied or downloaded.

In a statement, Tracy Barnes, the state’s Chief Information Officer had this to say, “We take the security and integrity of our data very seriously. The company that accessed the data is one that intentionally looks for software vulnerabilities, then reaches out to seek business. We have corrected the software configuration and will aggressively follow up to ensure no records were transferred.”

In the wrong hands, any amount of compromised data can be costly. Fortunately for the Department, their software vulnerabilities were exposed with good intentions and have seemingly been addressed.

Find out how we can help you defend your business against modern cyber threats.

More than ever, organizations of all sizes have been facing a historical rise in cyber attacks and data breaches. Talk to a cyber security expert today and find out how we can provide expert consulting and a portfolio of Cyber Security solutions designed specifically to protect your organization against today’s most prevalent threats.