The news out of Utah just keeps getting worse and worse.

Last week, Utah's Department of Health (UDOH) announced that on Friday, the 30th of March, its Department of Technology Services (DTS) had experienced a data breach on a computer server that stores Medicaid and Children’s Health Insurance Program (CHIP) claims data. DTS discovered the breach on Monday, April 2nd, after the hackers started downloading data from the server. In response, DTS immediately shut down the server.

The DTS said that the "information on the server included claims payment and eligibility inquiries. This could include sensitive, personal health information from individuals and health care providers such as Social Security numbers, names, dates of birth, addresses, diagnosis codes, national provider identification numbers, provider taxpayer identification numbers, and billing codes."

When the breach was originally announced to the press last Wednesday, April 4th, UDOH reported that the information stolen involved 24,000 claims, and that the signs pointed to the hackers being from eastern Europe.

However, on the next day, news reports indicated that the breach actually involved 24,000 Medicaid related files. The small change in description was significant. On Friday, UDOH admitted that many of the 24,000 files contained hundreds of records each, which raised the total to some 181,000 beneficiaries with some personal information was stolen. (This included 25,000 Social Security numbers.)

According to an AP story, a DTS spokesperson said:

"Although the state has multiple layers of security on every server, a technician installed a password that wasn't as secure as needed."

The state is offering those affected a year of credit monitoring services, but one potential problem is that many of the Social Security numbers stolen are those of children. Social Security numbers of children are highly sought after by identity thieves, because they can be used to fly under the radar for a very long time without getting discovered.

Things then got worse this Monday, April 9th, when UDOH announced that instead of just 24,000 files being stolen, it was actually 224,000 files. That translated into an additional 751,000 medical records compromised, bringing the total to over 925,000 potential victims. According to a story in today's Salt Lake Tribune, DTS has determined that 800,000 Utah residents (or one out of six Utah residents) were definitely affected by the breach, including 255,000 whose Social Security numbers are now possessed by hackers. However, because the records are incomplete on the remaining 125,000 or so victims, they cannot be identified (at least for now) or notified that they may be at risk.

Utah's Governor Gary Herbert told the Tribune that DTS is going to do everything in its power to restore both security and trust in its operations. However, that is likely to take some doing, given how the breach occurred and the fact that the records were not encrypted in the first place.  Maybe DTS should take some of its own security advice it likes to give to everyone else.

The Utah breach highlights the point made in an IT security report (pdf) that Verizon released last month. Verizon's examination of hundreds of data breaches in 2011 showed that in 97% of the data breaches it examined, hackers used rather simple methods of attack to gain access to their victims' systems.

According to a Verizon security analyst,"the breached companies lacked firewalls, had ports open to the Internet or used default or easy-to-guess passwords."

And given that hackers are still resorting to "wardriving" to find vulnerable home and business Wi-Fi networks, a little security consciousness now can save a whole lot of trouble later.

The Conversation (0)

Metamaterials Could Solve One of 6G’s Big Problems

There’s plenty of bandwidth available if we use reconfigurable intelligent surfaces

12 min read
An illustration depicting cellphone users at street level in a city, with wireless signals reaching them via reflecting surfaces.

Ground level in a typical urban canyon, shielded by tall buildings, will be inaccessible to some 6G frequencies. Deft placement of reconfigurable intelligent surfaces [yellow] will enable the signals to pervade these areas.

Chris Philpot

For all the tumultuous revolution in wireless technology over the past several decades, there have been a couple of constants. One is the overcrowding of radio bands, and the other is the move to escape that congestion by exploiting higher and higher frequencies. And today, as engineers roll out 5G and plan for 6G wireless, they find themselves at a crossroads: After years of designing superefficient transmitters and receivers, and of compensating for the signal losses at the end points of a radio channel, they’re beginning to realize that they are approaching the practical limits of transmitter and receiver efficiency. From now on, to get high performance as we go to higher frequencies, we will need to engineer the wireless channel itself. But how can we possibly engineer and control a wireless environment, which is determined by a host of factors, many of them random and therefore unpredictable?

Perhaps the most promising solution, right now, is to use reconfigurable intelligent surfaces. These are planar structures typically ranging in size from about 100 square centimeters to about 5 square meters or more, depending on the frequency and other factors. These surfaces use advanced substances called metamaterials to reflect and refract electromagnetic waves. Thin two-dimensional metamaterials, known as metasurfaces, can be designed to sense the local electromagnetic environment and tune the wave’s key properties, such as its amplitude, phase, and polarization, as the wave is reflected or refracted by the surface. So as the waves fall on such a surface, it can alter the incident waves’ direction so as to strengthen the channel. In fact, these metasurfaces can be programmed to make these changes dynamically, reconfiguring the signal in real time in response to changes in the wireless channel. Think of reconfigurable intelligent surfaces as the next evolution of the repeater concept.

Keep Reading ↓Show less