Of those individuals who had their personal information removed from the server late Sunday, 25,096 appear to have had their Social Security numbers compromised, according to Utah Department of Health spokesman Tom Hudachko.
UDOH officials announced the breach Wednesday, while an internal investigation was ongoing. At this point, letters will be mailed to individuals whose information was compromised, including instructions and access to resources on what to do next.
Hudachko said those affected will have an option to take advantage of free credit monitoring services for one year.
"We understand clients are worried about who may have accessed their personal information, and that many of them feel violated by having their information compromised," said UDOH deputy director Michael Hales. "But we also hope they understand we are doing everything we can to protect them from further harm."
Initially, it appeared 24,000 claims had been accessed. As the investigation progressed, it was determined that hackers actually obtained 24,000 files, each of which can potentially contain claims information on hundreds of individuals.
The cyber attack was traced to a moment in time when the server did not have ample protection in place. An Internet protocol address led to hackers in Eastern Europe, according to Utah Department of Technology Services spokeswoman Stephanie Weiss. She said the agency was working with the FBI to uncover more answers.
DTS has also identified where the breakdown occurred, and has implemented new processes and taken additional steps, to ensure the same type of breach will not happen again. Those steps include increased network monitoring and the implementation of intrusion detection capabilities.
Concerned Medicaid clients are still encouraged to call (800) 662-9651 for more information on how to protect themselves and their identities. Information is also available online, at www.health.utah.gov/databreach.