Utah Department of Health Data Security Breach

September 12, 2013
Accounting Information Systems

Utah Department of Health Data Security Breach
Introduction
On March 10, 2012, thousands of people fell victim to having their social security numbers, birthdays, names, addresses, and even their medical diagnosis stolen by computer hackers. On April 2, 2012, the breach was realized and 780,000 people learned that their identities were stolen and would now need to monitor their credit. Computer and internet fraud is defined by the federal law as “the use of a computer to create a dishonest misrepresentation of fact as an attempt to induce another to do or refrain from doing something which causes loss” (www.law.cornell.edu). There are many forms of criminal activity on the internet; one such form is called hacking. Hacking is when someone uses “sophisticated tools” in an effort to gain access into someone else’s internet database system. In the above-mentioned case, the Utah Department of Health experienced hackers gaining access to thousands of peoples’ private information. As we will learn, later in this writing, hacking can cause millions of peoples’ lives to be turned upside down in an incredibly short period of time. The Breach

In March 2012, hackers were able to gain access into a Medicaid server that stored private identity and health information. A technician had placed the server online a...

/databreach/common-questions.html, /news/west/2013/05/01/290357.htm, /wex/computer_and_internet_fraud, 000 1 10 12 2 2012 2013 3 4 406 5 6 780 abl above-ment access account activ address affect alert allow almost alreadi also although amount anoth anyon approach april around articl assist attack attempt autom away bank basic becom benefit birthday breach busi call card care case caus cell chang charg check children claim clean commit common compani complianc compromis comput conceal conclus consum contain control convert corpor cost could creat credit crime crimin cyber cyber-crim daili data databas date day decad default defin deni depart detect diagnosi didn differ difficult discuss dishonest doesn effort element els employ end especi even event ever everyth exact exampl experienc explain extra fact factor factori fals fault feder fell file financi find fit form fraud free futur gain global go hack hacker happen health hole hope ident identifi includ incom inconsist increas incred incurs individu induc infiltr inform inject instanc insur integr internet introduct involv journal k lake larg last later law leader learn least like line live look loss low low-incom m make malwar mani march may mean medic medicaid mention mess million misrepresent miss mistak model monetari money monitor much name need neglect next notic number one onlin opportun owner password password1 patient peopl perceiv perform period phone place polici popular possibl present prevent privat proactiv problem procedur profil program protect provid public ration real realiz reason receiv recipi refrain regard report resourc respons result retire retriev return right rise routin salt say search secur see sell sent septemb server servic set sever short shut sinc six small social societi softwar someon someth sophist sql start state steal step stewart still stolen stop store strategi struggl studi sure symant system take target tax technician tell ten thing thousand threat three time today togeth tool tri triangl tribun turn ultim uninsur upsid use utah ve victim violat virus vulner warrant way wealthi well wherea whose won world would write www.health.utah.gov www.health.utah.gov/databreach/common-questions.html, www.insurancejournal.com www.insurancejournal.com/news/west/2013/05/01/290357.htm, www.law.cornell.edu www.law.cornell.edu/wex/computer_and_internet_fraud, www.sltrib.com year