[BreachExchange] Data breach exposes personal info of Oklahoma families
Terrell Byrd
terrell.byrd at riskbasedsecurity.com
Fri Mar 4 13:29:15 EST 2022
https://www.kten.com/story/46005131/people-on-the-dds-waitlist-monitoring-for-identity-fraud-after-a-data-breach
(KTEN) — Oklahomans on the Developmental Disabilities Services waiting list
are now monitoring for identity theft issues after a contracted company had
a data breach, possibly exposing personal information.
"I'm really kind of appalled that the information got out in the first
place," said Amy Smith, whose son is on the waitlist.
Liberty Healthcare Corporation was hired by the Oklahoma Department of
Human Services to conduct assessments for individuals on the DDS waitlist.
The data breach happened in December.
Liberty explained what happened in a news release:
“Liberty discovered that an unknown, unauthorized third party (“Third
Party”) accessed a Liberty employee’s email account (“Affected Account”)
and may have been able to access certain emails and documents stored within
the Affected Account, including an unencrypted spreadsheet containing the
personal information of individuals participating in the Oklahoma Waitlist
Program that was sent as an attachment to the account. “
"I'm a little concerned that it states in the letter that the breach was on
December 7th, and the letter I received was dated February 28th," Smith
said.
She said she's been waiting eight years to receive daily living support for
her son.
"He is nonverbal; he has intellectual disabilities and autism and
epilepsy," Smith explained.
His personal information was one of many listed on a spreadsheet that
hackers may have had access to.
"His date of birth, Social Security number, Medicaid number... and that was
the first thing I thought was the Medicaid number,” Smith said. “I mean,
that's his medical care, prescriptions, and he has epilepsy. If we can’t
get his prescriptions that's a huge problem."
The Department of Human Service's Chief of Staff, Samantha Galloway,
addressed the data breach in a meeting on Thursday.
"Out of an abundance of caution and to protect people on the waiting list
Liberty followed all of the protocols,” Galloway said. “Liberty is
offering 12 months of free credit monitoring, internet surveillance,
identity restoration if that is an issue for anybody."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20220304/a3f36b45/attachment.html>
More information about the BreachExchange
mailing list