Cyber Incident Victim: Alaska Department of Health and Social Services
Date:
Jul 2017
Location:
United States of America
Summary
A malware infection involving a Trojan horse virus compromised two computers within the Alaska Department of Health and Social Services' Office of Children’s Services, potentially exposing sensitive personal information. The breach risked unauthorized access to family case files, medical diagnoses, observations, and other confidential data, impacting over 500 individuals primarily from the Western region. Following detection, immediate mitigation efforts were implemented to isolate affected systems, while investigations continued to determine the full scope. The department established a dedicated contact line and online resource for potentially impacted individuals to seek updates and guidance.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 5 and July 8, 2017, two computers belonging to the Alaska Department of Health and Social Services’ Office of Children’s Services (OCS) were infected by a Trojan horse virus, potentially compromising sensitive personal information. The malware incident created a possible breach of protected health information under HIPAA regulations, affecting more than 500 individuals involved with OCS. Preliminary investigations indicated the compromised data originated from the Western region of Alaska. The potentially accessed information included confidential OCS reports, family case files, personal identifiers, medical diagnoses, clinical observations, and related case documentation. While the department confirmed the malware infection, it could not definitively determine whether attackers successfully exfiltrated or viewed the stored data. The breach notification, disclosed by DHSS on September 1, 2017, specifically warned affected individuals about heightened risks of identity theft due to the exposure of sensitive personal details.
Upon discovering the infections, DHSS immediately isolated the compromised computers to prevent further unauthorized access. The department’s Information Technology and Security team initiated an ongoing investigation to assess the full scope of potentially accessed data and identify impacted individuals. DHSS established a dedicated phone line (888-484-9355) for concerned Alaskans to inquire about their inclusion in the breach and committed to providing updates through its official website. Public guidance directed affected parties to the Federal Trade Commission’s IdentityTheft.gov resource for information on safeguarding against identity fraud, though no credit monitoring or specific remediation services were detailed in the initial announcement. The incident marked a significant operational disruption for OCS, requiring system containment measures while investigators worked to determine the extent of data exposure across case management files.