3rd Party Risk Management , Breach Notification , Governance & Risk Management
Hackers Tampered With Some Data That Was Exposed Marianne Kolbasuk McGee (HealthInfoSec) • February 1, 2021An organization that administers a children’s dental and health insurance program in Florida took down its online application platform after it discovered the company that hosted its website apparently failed to address vulnerabilities over a seven-year period, resulting in the exposure of personal data. Plus, hackers tampered with that data, Tallahassee, Florida-based Florida Healthy Kids Corp. says.
The organization says it was notified on Dec. 9, 2020, of a data breach experienced by Jelly Bean Communications Design, which was responsible for hosting the website.
See Also: Dynamic Detection for Dynamic Threats
The personal information of several thousand insurance applicants was inappropriately accessed, the organization says, but it has no evidence that anyone’s personal information was removed from the system.
Longstanding Vulnerabilities
Independent cybersecurity experts hired to conduct a review of the incident identified “significant vulnerabilities in the hosted website platform and the databases that support the online Florida KidCare application,” the organization says.
“Florida Healthy Kids learned that its web hosting vendor had failed to apply security patches to its software, thereby exposing the website to vulnerabilities that were ultimately exploited by the hackers,” according to a statement from the organization.
Support the originator by clicking the read the rest link below.
