SALT LAKE CITY (ABC 4 News) - There are new questions about that massive computer breach into Utah's Medicaid records.
In March, hackers tapped into the names and personal information of nearly 800,000 Utahns.
This led to Governor Hebert coming under fire and the resignation of the Director of Technology Services.
But ABC 4 has exclusive information about who else may be at fault.
When it comes to this data security breach, some legislators have been somewhat quick to point the finger.
But the question could also be asked; did the problem start with the lawmakers themselves?
In 2005, then Representative David Clark, the sponsor of House Bill 109, made a speech on the floor of Utah’s House of Representatives.
Clark compared the state's decentralized computer systems to,
"23 ships with no admiral."
The legislature then passed a bill creating a computer czar and centralizing the state's system.
In his remarks, Clark said this would make things more efficient and secure,
"The intent of this is to try and find efficiencies and a better way to coordinate the technology, the inner-operability, the capitol outlay and the physical structure of how technology is handled within the state."
And the centralization has apparently saved the state millions and millions of dollars.
But at what cost?
The centralization reportedly led to lay-offs and, eventually, other key state computer personnel
left as well.
ABC 4 News is being told the 2005 reorganization and streamlining has led to too many computer servers being handled by too few people.
In fact, we're also being told the server that was hacked - the one with the Medicaid names - wasn't even supposed to be in use, that it was really set up just to be a test server.
This, perhaps, led to insufficient monitoring and the security breach.
In 2005, Senator Ed Mayne saw potential problems with the new centralized computer plan and tried to warn his fellow lawmakers.
Just before HB 109 passed, Mayne told his senate colleagues,
"I think we're making a big mistake on this information technology system. I hope we really know what we're doing."
Because of the recent security breach, some lawmakers are said to be wondering if the state should return to the old system.
This was the system where state agencies had their own computer experts, the system which was in place until 2005.
FOLLOW CHRIS VANOCUR ON TWITTER: @cvan4