State works to boost cyber security

By Andy Jenks - bio | email
Posted by Terry Alexander - email

HENRICO, VA (WWBT) - Virginia is taking new steps to boost "cyber security", a month after 35-million prescription records were potentially exposed to a computer hacker. The state's prescription database is still shut down Thursday night, while security experts create new ways to keep hackers out.

Patients, whose records were potentially exposed, are being told to watch out for fraud, for perhaps the next year. It's been a month of cyber-change, at the Virginia Department of Health Professions.

"All of us have been so, so upset over this," said DPH Director Sandra Whitley Ryals.

A month ago, we found out that the DHP discovered a potential hacker in its computerized prescription database. Up to 35-million records, some including social security numbers were potentially exposed. So the database was shut down and is still that way, Thursday.

"Precaution for the next 12 to 14 months in very much advised," said Sandra.

Sandra wants Virginians to know that the agency is devising new ways to keep hackers out. Along with additional steps to make sure personal information is no longer breached.

"We will not accept social security numbers, even if one still has it," she said.

The DPH says the breach does not involve everyone who's ever had a prescription filled, only those for controlled substances. And even then, not all patients are included.

"It's not, you know, your antibiotics. It's not Viagra or Cialas or birth control pills, even though there are 35 million prescription  records in the database, only about 530,000 appear to have what may have been a social security number," said Sandra.

This week, the "half a million" Virginians whose records may have been exposed, will receive a letter detailing the possible risks. Meantime, state and federal law enforcers continue to investigate who may have hacked into the system.

"This is criminal activity, and whoever has done this is responsible for that," she said.

The Department of Health Professions has more information about the possible breach on its web site.

(c) 2009. WWBT, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.