JEFFERSON CITY, Mo. — Nearly two months after the discovery that more than 10,000 Missourians had their personal information breached by a state contractor, the Department of Health and Senior Services is notifying individuals through the mail.
10,400 letters have been sent to Missourians who had their personal information retained prior to September 30, 2016, by a previous state contractor in a non-password-protected file. The information, which differed for each person, included names, dates of birth, identification numbers issued by some state agencies, and a number of social security numbers.
“The State learned of this incident on the Thursday before Labor Day. We immediately worked with other State agencies over the Labor Day holiday to prevent any dissemination of this data now or in the future,” said DHSS Director Dr. Randall Williams. “Present leadership takes very seriously our requirement to protect information, and we have referred our findings to the appropriate law enforcement authority.”
Williams noted that the past information technology contractor for the State of Missouri may have acted illegally by retaining the information prior to September 30, 2016. He said the data, stored in an electronic file that was not password-protected, included “some names, dates of birth, identification numbers issued by some State agencies and a very limited number of social security numbers.”
The types and amount of personal information retained by the contractor varied by person. According to DHSS, each person did not necessarily have all types of personal information listed previously retained by the contractor.
The State of Missouri learned the breach of security on August 30, 2018. Since that time, DHSS said they have been diligently analyzing the data contained in the electronic file to determine the scope of the breach and to determine contact information for affected individuals.
DHSS said they have no reason to believe, at this time, that the information was actually viewed or used by anyone intending harm. The matter has been referred to the appropriate legal authority to investigate and determine appropriate legal action, the news release states.
Still, the department is recommending that individuals remain vigilant by reviewing account statements and monitoring free credit reports for unusual activity. Those who had their information accessed can contact consumer credit reporting agencies to place a free fraud alert on their credit or to request a free credit freeze.
- Equifax: 1-800-525-6285; www.equifax.com; https://www.freeze.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241.
- Experian: 1-888-397-3742; www.experian.com; https://www.experian.com/freeze/center.html; P.O. Box 9532, Allen, TX 75013.
- TransUnion: 1-800-680-7289; www.transunion.com; https://freeze.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790.
Additional information about obtaining credit reports may be obtained from the Federal Trade Commission by visiting https://www.consumer.ftc.gov.
Individuals who received a letter from DHSS and have additional questions may call the Missouri Department of Health and Senior Services at 1-888-252-8045, Monday through Friday, 8 a.m. to 5 p.m.