Indiana's Medicaid program provides healthcare and health-related services to low-income residents within the state. The program helps millions of individuals, and in the process of providing that help gathers and processes a massive amount of financial, personal, and health-related information. While managing all that data the program was attacked and a data breach occurred, putting more than 700,000 people's information at risk.
The data breach occurred because the Indiana Medicaid program relied on the MOVEit file transfer tool to secure and move data. This tool was used to steal Medicaid customer information when the software was compromised by a ransomware gang.
Since this Medicaid breach was directly related to the MOVEit data breaches the information was likely taken at the end of May or the beginning of June. During that time a huge amount of data may have been lost.
Over 900,000 individuals relying on the Indiana Medicaid program were compromised in this data breach.These individuals may have lost personally identifiable information (PII), financial information, and health-related information as a result of this breach. If you receive a notice informing you the breach involves your data you should act quickly to protect yourself. Check your credit, watch your bank accounts, and consider investing in credit monitoring protection or putting a freeze on your credit.
We aren't sure about the total number of files accessed in the Callaway data breach, but it's likely to be a large number.