The Alaska Department of Health and Social Services disclosed late yesterday that it had been the target of a security breach which the agency says may have revealed the personal information of hundreds of Alaskans. The agency is advising anyone who had any interaction with the Division of Public Assistance, or DPA, in the Northern region to look into ways to guard themselves against identity theft.
The breach is believed to be the work of the Zeus/Zbot malware. A single DPA computer was apparently infected in late April but that single infection was enough to compromise the HIPAA and APIPA information of more than 500 people. Some of that data, said the agency in its press release about the breach, included social security and driver’s license numbers, birthdates and other private information.
Anyone who had any interaction with the Division of Public Assistance Northern region should contact the agency at 888-484-9355 to learn if their private info was stolen. The agency promises to update potentially affected users through the agency’s website.
The Zeus/Zbot malware package is well known to online security experts. In the past, it has been used to steal banking login information and to deliver what is known as ransomware, which can hold entire computer networks (like those used by hospitals, health agencies and schools) hostage.
The malware is believed to have originated in Eastern Europe.
Photos by Markus Spiske on Unsplash