Data Breaches

Breach Subtotal

Breach Type: all
Organization Type: all
Year(s) of Breach: all
Company or Organization:
Date Made Public:
September 6, 2017
Company: Alaska Department of Health and Social Services
Location: Anchorage, Alaska
Type of breach:
HACK
Type of organization:
GOV
Records Breached:
0

"Two computers of the Alaska Department of Health and Social Services were hit by malware attacks, which potentially breached the records  of some of its patients.

A Trojan horse virus was found on the two computers on July 5 and July 8. Trojan malware is masked as legitimate software and are used by hackers as leverage into a network."

Data compromised included Children's Services information, medical information and observation, family case files, and other personal information.

Information Source:
Media
Date Made Public:
September 1, 2017
Company: State of Alaska Department of Health and Social Services
Location: , Alaska
Type of breach:
HACK
Type of organization:
MED
Records Breached:

Location of breached information: Desktop Computer

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
October 30, 2009
Company: Alaska Department of Health and Social Services (DHSS)
Location: Juneau, Alaska
Type of breach:
PORT
Type of organization:
GOV
Records Breached:
501

A portable electronic device that may have contained protected health information was stolen from the vehicle of a DHSS employee on or around October 12, 2009.  The Health and Human Services (HHS) Office for Civil Rights (OCR) began an investigation after the incident.  OCR found evidence that DHSS did not have adequate policies and procedures in place to safeguard ePHI.  DHSS was also found to have not completed a risk analysis, implemented sufficient risk management measures, completed security training for its workforce members, implemented device and media controls, or addressed device and media encryption as required by the HIPAA Security Rule.  Alaska DHSS agreed to pay a $1,700,000 settlement.  

Information Source:
Dataloss DB
Date Made Public:
October 30, 2009
Company: Alaska Department of Health and Social Services
Location: , Alaska
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
501

\N

Location of breached information: Other, Other Portable Electronic Device

Business associate present: No

Information Source:
US Department of Health and Human Services
CSV