(The Center Square) – Missouri’s Department of Social Services is encouraging citizens to monitor their identity and credit information after a third-party cyber attack in May.
The department sent a media release on Tuesday encouraging Missourians to monitor any possible transactions made using their personal information as an unauthorized party might have accessed Medicaid participant information.
“DSS is providing this notice to help Missourians understand the incident, what we are doing and the steps Missourians can take to protect their information,” the release stated.
IBM Consulting is one of the department’s vendors in providing Medicaid services to eligible Missourians. The data security incident involved a third-party application – Progress Software’s MOVEit Transfer software – used by IBM. The MOVEit vulnerability affected hundreds of organizations throughout the nation and world and millions of individuals, according to an assessment by Reuters.
“The data vulnerability did not directly impact any DSS systems, but impacted data belonging to DSS,” the release said. “DSS took immediate steps in response to this incident that are ongoing.”
The department is sending letters to individuals who are potentially impacted by the incident so they can take steps to protect their personal information. It will send additional information or contact additional individuals if it determines they have been affected.
The information involved in the incident includes names, department client numbers, date of birth, possible benefit eligibility status or coverage and medical claims information.
“DSS is still reviewing the files associated with this incident,” the release said. “This will take us some time to complete. These files are large, are not in plain English and are not easily readable because of how they are formatted.”
The department said individuals can freeze their credit free of charge to stop others from opening new accounts and borrowing money in their name while allowing them to continue using existing credit cards and bank accounts.
“There has been no indication to date during the investigation that DSS data has been misused, but we encourage potentially impacted Missourians to be vigilant,” the department said.
IDX, a ZeroFox Company, is working with the department to assist Missourians.
A dedicated call center can be reached at (888) 220-4761 and is open from 8 a.m. to 8 p.m., Central Time, Monday through Friday, except major U.S. holidays. Individuals can also visit an incident response website.
