Golden State Risk Management Authority notifying members of Systema Software incident

Despite having been notified almost one month ago by Chris Vickery and/or Systema Software, some entities whose databases were exposed on AWS by Systema Software still do not appear to have issued public statements about the incident.  Nor have I seen any reports appearing on HHS’s public breach tool.

But in a statement posted on its site on September 29, one of the affected entities,  Golden State Risk Management Authority, discloses:

Earlier this month, GSRMA was contacted by one of its technology service providers, Systema Software.

Systema provides claims management software to public entities, risk pools and third party administrators across the country. In addition, they host the claims databases for many of these entities, including GSRMA.

It appears that while the hosted databases were being migrated from one cloud provider to another, a backup of claims data was temporarily stored in a mistakenly unsecured folder.

Once notified of this, Systema immediately corrected the issue and secured the data. Their internal incident response team quickly completed analysis that showed that the issue was contained and that the data was secure. To verify this, Systema hired an outside forensic IT firm to independently validate their analysis regarding the narrowness of the scope of this incident.

Based on the initial findings of the incident response team, and following cyber security best practice, we are notifying our members now that the incident response and forensic teams have completed their analysis.

We were able to review results of the third party study and, based on its findings and other analysis we have been provided, we concur with Systema that the issue has been contained and our claims data is secure.

Please contact me if you would like to discuss this matter in more detail.

Rick Krepelka

Chief Operations Officer
Golden State Risk Management Authority

About the author: Dissent