The Des Moines Register reports on a security breach of a state government database in Iowa that might leave residents vulnerable to identity theft.
[Sen. William Dotzler Jr.], a Waterloo Democrat, is a board member of the nonprofit Black Hawk County Gaming Association, a partner of the Isle Casino in Waterloo. He is among 80,000 people whose information in the licensing database of the Iowa Racing and Gaming Commission was compromised last month.
The Federal Bureau of Investigation and the Iowa Division of Criminal Investigation have confirmed to The Des Moines Register they are seeking details of the Jan. 26 incident. State officials suspect the hacking originated in China, although they aren’t sure because cyber bandits often disguise their tracks. […]
The Iowa Racing and Gaming Commission’s licensing database was hacked while the state-owned Iowa Communications Network performed routine Internet maintenance. As routers were being replaced, circuits were inadvertently routed around a fire wall. The database was subsequently compromised because security software patches hadn’t been properly installed by a private contractor, state officials said.
The database includes names, addresses, dates of birth and Social Security numbers of current and former employees of Iowa’s casino and racetrack industry, such as card dealers, cocktail servers, slot machine technicians and horse trainers, including some who haven’t worked in the industry for a decade. […]
People whose information was compromised have every reason to worry, said Mari Frank, a lawyer from Laguna Nigel, Calif. “The sky is the limit as to what could happen.”
Even if the hacker doesn’t open new credit accounts, names and personal data could be sold on the black market. Criminals can also use such information to obtain government benefits and medical care, she said.