Cyberattack Leads Governor to Call for Audits

(KCPW News) Governor Gary Herbert is calling for independent audits in response to last week’s data breach at the Utah Department of Technology Services, which compromised the personal information of up to 780,000 Utahns. Spokeswoman Ally Isom says the audits will look at the state’s security procedures and how this specific incident was handled.

“He wants to look not only at this specific incident to better understand what went wrong, but he wants a broader examination of all state agencies to ensure that whatever personal information we have stored right now is done so to according to best practices and to ensure the security of that data,” she tells KCPW.

The breach led to the release of up to 280,000 social security numbers of residents on Medicaid or the Children’s Health Insurance Program, along with those who had their names submitted by a health care provider to see if they were eligible for Medicaid.

Isom says the Governor is making the audits a top priority, along with protecting those whose information was compromised in the breach.

“We are doing everything we can at this time to ensure the security of all state systems and restore the trust of all Utahns, so the Governor has ordered that this is an around-the –clock, 24/7, all-hands-on-deck effort to ensure that the system is no longer vulnerable,” she says.

An outside firm will be retained to perform the audits. The cyberattack is believed to have come from Eastern Europe. The state says the server the data was stored on was not configured according to normal procedures.