INDIANAPOLIS: Indiana health officials said Tuesday they are notifying nearly 750,000 state residents that a cybersecurity company improperly accessed their personal data from the state’s online COVID-19 contact tracing survey.
The Indiana Department of Health said the state was notified July 2 that a company gained unauthorized access to data, including names, addresses, dates of birth, emails, and data on gender, ethnicity and race.
The nearly 750,000 people whose data was accessed represent all of the state’s participants in its online COVID-19 contact tracing survey, said agency spokeswoman Megan Wade-Taxter.
Officials did not identify the company involved in their news release, but Wade-Taxter said the company was UpGuard, a cybersecurity company based in Mountain View, California.
The Associated Press left a message Tuesday afternoon seeking comment from UpGuard on its unauthorized access of the data.
State Health Commissioner Kris Box said the state health department does not collect Social Security information for its COVID-19 contact tracing program, and no medical information was obtained.
We believe the risk to Hoosiers whose information was accessed is low,” Box said in a news release.
Officials said that UpGuard signed a certificate of destruction last week with the state to confirm that it had destroyed the data and not released it to any other entity.
The Indiana Office of Technology and the state health department said they have corrected a software configuration issue involved in the unauthorized access. Both departments also requested the accessed records, and those were returned Aug. 4, according to the news release.
We have corrected the software configuration and will aggressively follow up to ensure no records were transferred,” said Tracy Barnes, Indianas chief information officer.
The health department said it will send letters to affected Hoosiers notifying them that the state will provide one year of free credit monitoring and is partnering with Experian to open a call center to answer questions from those affected.
The Indiana Office of Technology said it will also continue regular scans to ensure that the information was not transferred to another party.
Disclaimer: This post has been auto-published from an agency feed without any modifications to the text and has not been reviewed by an editor
Read all the Latest News, Breaking News and Assembly Elections Live Updates here.
Comments
0 comment