The Missouri Department of Social Services (DSS) is pushing state residents to monitor and protect their identities as the department continues to respond to a May 2023 third-party cyberattack.
In May the Missouri DSS identified a “data security incident that occurred with IBM Consulting (IBM) that involved Progress Software’s MOVEit Transfer software.” The data vulnerability did not directly impact any DSS systems, but impacted data belonging to DSS.
Missouri DDS issued a notice saying that the protected health information of Medicaid participant may have been accessed by an unauthorized party in the security incident. The information involved in this incident may include an individual’s name, department client number, date of birth, possible benefit eligibility status or coverage, and medical claims information.
However, DSS is still reviewing the files associated with this incident, and said that process will take more time to complete.
“We are working to analyze these files as quickly as possible and will contact additional people individually should we determine during this review that different or additional information or individuals were potentially impacted,” the notice states.
In the notice, DSS also provides Missourians with steps they can take to protect their information. Those include freezing their credit for free, which stops others from opening new accounts and borrowing money in their name, while allowing them to continue to use existing credit cards or bank accounts.
Although there has been no indication to date that DSS data has been misused, DSS still encourages potentially impacted Missourians to be vigilant.