Utah Department of Administrative Services reports web site breach
Technorati Tag: Security Breach
Date Reported:
3/15/08
Organization:
State of Utah
Contractor/Consultant/Branch:
Department of Administrative Services
Division of Finance
Victims:
Citizens
Number Affected:
~500
Types of Data:
"personal information"
Breach Description:
"Computer files containing the personal information of approximately 500 individuals may have been accessed by unauthorized persons during a security breach at the Utah Division of Finance."
Reference URL:
Deseret Morning News
The Salt Lake Tribune
Report Credit:
The Salt Lake Tribune
Response:
From the online sources cited above:
The personal information of nearly 500 people may have been hacked into at the Department of Administrative Services.
Computer files containing the personal information of approximately 500 individuals may have been accessed by unauthorized persons during a security breach at the Utah Division of Finance.
Officials there say it is highly unlikely that the perpetrator accessed the personal information, but the department is attempting to contact everyone whose information may have been breached.
[Evan] Due to the fact that the individuals that were affected are the actual owners of the information in question, additional details are required so that they can judge the risk for themselves.
"We are now taking steps to determine the amount of information, if any, that was accessed by unauthorized persons. Utah attorney general special agents assigned to the Identity Theft Task Force are investigating this matter,"
The state withstands more than 100,000 potential attacks a day and the Department of Technology Services has stringent security policies in place.
[Evan] I'm not sure why it this is important. 100,000 daily attacks is not really that much for any web site with a moderate presence on the internet. This number probably takes into account port scans and probes. I would guess that port scans, probes, scripts, and errant traffic account for 95+% of these attacks. It is good to read that Utah DTS is keeping tabs and blocking at the perimeter.
Commentary:
There are few details available pertaining to this breach. I was unable to find the press release mentioned in the article(s).
Past Breaches:
State of Utah:
September, 2007 - Stolen Utah Department of Workforce Services laptop exposes 2,000

3/15/08
Organization:
State of Utah
Contractor/Consultant/Branch:
Department of Administrative Services
Division of Finance
Victims:
Citizens
Number Affected:
~500
Types of Data:
"personal information"
Breach Description:
"Computer files containing the personal information of approximately 500 individuals may have been accessed by unauthorized persons during a security breach at the Utah Division of Finance."
Reference URL:
Deseret Morning News
The Salt Lake Tribune
Report Credit:
The Salt Lake Tribune
Response:
From the online sources cited above:
The personal information of nearly 500 people may have been hacked into at the Department of Administrative Services.
Computer files containing the personal information of approximately 500 individuals may have been accessed by unauthorized persons during a security breach at the Utah Division of Finance.
Officials there say it is highly unlikely that the perpetrator accessed the personal information, but the department is attempting to contact everyone whose information may have been breached.
[Evan] Due to the fact that the individuals that were affected are the actual owners of the information in question, additional details are required so that they can judge the risk for themselves.
"We are now taking steps to determine the amount of information, if any, that was accessed by unauthorized persons. Utah attorney general special agents assigned to the Identity Theft Task Force are investigating this matter,"
The state withstands more than 100,000 potential attacks a day and the Department of Technology Services has stringent security policies in place.
[Evan] I'm not sure why it this is important. 100,000 daily attacks is not really that much for any web site with a moderate presence on the internet. This number probably takes into account port scans and probes. I would guess that port scans, probes, scripts, and errant traffic account for 95+% of these attacks. It is good to read that Utah DTS is keeping tabs and blocking at the perimeter.
Commentary:
There are few details available pertaining to this breach. I was unable to find the press release mentioned in the article(s).
Past Breaches:
State of Utah:
September, 2007 - Stolen Utah Department of Workforce Services laptop exposes 2,000
Comments