In March, the Texas Department of Insurance found that data relating to claims made between March 2019 and January 2022 had been compromised.
In March, the Texas Department of Insurance found that data relating to claims made between March 2019 and January 2022 had been compromised.
The release was somewhat vague on details but two things jump out. Number one, per May’s updated report, the data was vulnerable as a result of “programming code that allowed internet access to a protected area of the application.” While nothing can be confirmed, this reads like a classic case of API security mishap.
Number two, and more importantly for our purposes here at FireTail, they could not determine whether the data had been downloaded and misused. Specifically, after hiring on a data forensics company they “could not conclusively rule out that certain information on the web application was accessed outside of TDI.”
That situation is all-too-common but understandable for a government organization like the Texas Department of Insurance. Just to process a workers’ compensation claim, they may need to collect information from the filer, their employer, medical professionals, government officials, attorneys, and more. That data could be all over the place. And that’s if it even exists, many organizations will purge their logs after too short a time to cut costs.
Centralized API logging is a terrific place to start making sense of that mess. Being able to track calls to your various APIs in one place will enable you to detect in real time who is scraping your data and whether or not they should be. FireTail can help you do that. Further, we can help with log retention so that when you need to perform an audit, you can simply access all that API data dating back months or even years, as would have been helpful in this case.
As an insurance organization should understand, prevention is always cheaper than clean-up. Contact us here to learn more about how centralized logging can reduce your API security risk.