Utah Health Department Data Breach victims are getting another year of identity theft protect after last years huge breach. This comes on the heels of news coming from South Carolina that the state will offer tax subsidies for residents to buy credit monitor after a big security breach hit the state. Unfortunately these two states have learned first hand the true long tail costs of a breach. The response costs for these types are events can go on for years, credit monitoring, recovery and legal actions can and do take years to resolve. These costs are often overlooked when thinking about Data Breach protection from a risk management view. Like buying something from Ticket Master, there are a lot of hidden costs.
Health department ombudsman Sheila Walsh-McDonald says state lawmakers approved $1 million to extend credit monitoring for a second year. She says the department also used $300,000 to create a privacy and security office to strengthen data security procedures.
State officials announced in May that hackers broke into a government server and stole the personal information of about 780,000 people, including the Social Security numbers of about 280,000.
Utah’s chief technology officer resigned in the wake of the theft.
An ounce of breach prevention is worth a pound of breach response. And although in hindsight it’s hard to know whether these breaches could have been complete prevented (I would say yes), a strong focus on preventive actions would have certainly made them less likely.
You can read the whole article here: Protection Extended for Utah Data Breach Victims