The Iowa Department of Health and Human Services confirmed that it suffered from a data breach that exposed the personal data of 20,800 Iowans who receive Medicaid. The cyberattack did not impact the Medicaid system itself, and the attack occurred on a contractor’s computer systems. The contractor impacted by the cyberattack, Telligen, assists the department with annual assessments for Medicaid members.
Security companies have expressed concern at the amount of time that it took for the health organization to disclose the cyberattack and data breach. According to security researchers, there were eight months between detection of the attack and informing victims. Information exposed includes names, Medicaid details, and other sensitive information. Criminals could use the breached information for Medicaid fraud and phishing, identity theft, and other malicious attacks.
Read More: Over 20,000 Iowa Medicaid Members Affected By Data Breach