Arizona Medicaid MCOs rife with security vulnerabilities raise national concerns

Federal auditors uncovered numerous security vulnerabilities at two Medicaid managed care organizations (MCOs) in Arizona, a finding that could be indicative of broader data security issues across the country.A report (PDF) issued by the Office of Inspector General (OIG) on Tuesday identified 19 significant vulnerabilities in the information systems of the two MCOs, revolving primarily around access control and configuration management. In some instances, the organizations did not disable user accounts for terminated employees or failed to use two-factor authentication...