IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Missouri Grapples With Medical Records Data Breach

Thousands of low-income Missourians have contacted state officials through a call center, seeking more information about a recent attempt to steal computer data within the state's Medicaid program.

(TNS) — Thousands of low-income Missourians have contacted state officials seeking more information about an attempt to steal computer data within the state's Medicaid program.

According to the Missouri Department of Social Services, a call center established to handle inquiries about the hack has received a total of 2,309 calls through Tuesday after the latest effects of a nationwide data breach was outlined by the agency earlier this month.

In addition to DSS, the University of Missouri System also has begun notifying students and employees about the data breach of the software MOVEit.

The file sharing program is used by some university departments involved in "enrollment and pension processes."

Mizzou's announcement follows one by the Southern Illinois University system in July. Maryville University also is offering free credit reporting after its pension benefits system was exposed.

The security incident has not affected systems under Missouri's Office of Administration, which is the main payroll and accounting agency for thousands of state employees, said spokesman Chris Moreland.

He added that the state's software has been upgraded with all required patches.

The attacks, originating in May, allowed hackers to steal data from over 600 companies, educational organizations, federal government agencies and state agencies.

At the Department of Social Services, officials have identified at least 40 Medicaid participants and service providers that have been "directly impacted."

"When we identify individuals who have been directly impacted we send them a separate notice and arrange credit monitoring services," DSS spokeswoman Caitlin Whaley said.

Most people who are calling the agency are checking to verify the notification they received.

"Overwhelmingly the questions that I have gotten and that I am aware of are people confirming that the correspondence they received was legitimate and not a scam," Whaley said.

The information involved in this incident may include an individual's name, department client number, date of birth, possible benefit eligibility status or coverage, and medical claims information.

"DSS is still reviewing the files associated with this incident. This will take us some time to complete. These files are large, are not in plain English, and are not easily readable because of how they are formatted," a notification from DSS said.

At Mizzou, officials announced this week they had opened an investigation into the breach and that officials have "initially determined that some personal data has been compromised."

"This is a large-scale investigation and as such, many details, including the specific types of information and the number of individuals involved, are still unknown," an email to employees read.

The release included actions that students and current and former employees can take to protect their information such as placing a freeze on credit and avoiding attachments and links in emails from unknown senders.

© 2023 the St. Louis Post-Dispatch. Distributed by Tribune Content Agency, LLC.