The Alaska Department of Health and Social Services (DHSS) will begin sending notification letters to all people in the state, informing them that their personal and health data may have been exposed in a highly advanced cyberattack carried out by a nation-state attacker.
The cyberattack was noticed on May 2, 2021. The DHSS was advised of the attack on May 5 and was instructed to shut down its systems without delay to prevent further unauthorized access. When the attackers first obtained access to DHSS systems has not been revealed; however, the Advanced Persistent Threat (APT) actors are believed to have had access to DHSS systems for no less than 3 days.
The DHSS disclosed the security incident and gave an update regarding the breach in August. The newest update, issued on September 16, describes the likely consequences of the attack for Alaskans. The DHSS also said notifications were deferred so as not to hinder the criminal investigation into the attack.
The cyberattack was extensive and caused serious disruption. Several affected IT systems remain inaccessible, including the sites of a number of divisions. Temporary websites were used to host critical data until the web pages could be recovered. There is no time frame yet for when all systems will be back online. The department's IT infrastructure is complex, so the restoration process is taking quite some time.
The cybersecurity firm Mandiant was engaged to investigate the incident. In an August report, the DHSS said hackers had exploited a webpage vulnerability that allowed them to gain access to DHSS information. This complex attack went unnoticed over a lengthy period. The attackers worked to maintain that access even after they were found, reported DHSS Technology Officer Scott McCutcheon.
All records stored on DHSS infrastructure at the time of the attack are assumed to have been exposed and may be misused, which suggests the personal and health information of over 700,000 persons has probably been compromised.
DHSS does not currently know which records were viewed or stolen; however, they possibly include names, birth dates, telephone numbers, addresses, driver's license numbers, Social Security numbers, internal identifying numbers (which include case reports, Medicaid, protected service reports, etc.), medical data, financial data and historical details relating to any communications with the DHSS.
“DHSS encourages all Alaskans who furnished records to DHSS, or who might have information kept on the web with DHSS, to do something to keep themselves from identity theft,” the DHSS breach notification stated. The DHSS says it is offering complimentary credit monitoring services to “any involved Alaskan” because of the cyberattack, and a code for enrolling in those services will be included in the breach notices, which will be sent by mail from September 27, 2021 to October 1, 2021.
This breach falls under both the Health Insurance Portability and Accountability Act (HIPAA) and the Alaska Personal Information Protection Act (APIPA).
“DHSS remains working to further fortify its systems, tools and personnel to be stronger against potential attacks,” said DHSS Chief Information Security Officer Thor Ryan. Recommendations for potential security improvements are being identified and given to state leadership.
This is not the first time that a security breach has affected all state residents. In January 2019, close to 700,000 Alaskans were alerted by DHSS to a hacking incident that compromised their personal records. In that case, the Zeus Trojan was installed on its network in June 2018.