The health department for the U.S. state of Illinois has confirmed that a years-long security lapse exposed the personal information of more than 700,000 state residents.
The Illinois Department of Human Services (IDHS) said in a statement on January 2 that an internal mapping website containing residents’ personal information, which officials used for assisting with the allocation of state resources, was inadvertently publicly viewable as far back as April 2021 through September 2025, when the security lapse was discovered. Officials said the exposed data included personal information on 672,616 individuals who are Medicaid and Medicare Savings Program recipients. The data included their addresses, case numbers, and demographic data — but not individuals’ names.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- US Cyber Command shored up nine nations’ defenses last year
May 4, 2022
US Cyber Command chief General Paul Nakasone has revealed the agency he leads conducted nine “hunt forward” operations last year, sending teams to different counties to help them improve their defensive security posture and hunt for cyberthreats. These missions provide “security for our nation in cyberspace,” said Nakasone, who is also director of the National Security ...
- Hack DHS: Homeland Security’s first bug bounty turns up 122 vulnerabilities
April 25, 2022
The US Department of Homeland Security (DHS)’s first bug bounty with external researchers called “Hack DHS” helped discover 122 vulnerabilities. DHS announced the Hack DHS bounty in December and in phase one of the program invited more than 450 “vetted security researchers” to get involved. DHS suggests the program produced solid results: 27 or about 22% ...
- US govt grants academics $12M to develop cyberattack defense tools
April 22, 2022
The US Department of Energy (DOE) has announced that it will provide $12 million in funding to six university teams to develop defense and mitigation tools to protect US energy delivery systems from cyberattacks. Cybersecurity tools developed as a result of the six university-led research, development, and demonstration (RD&D) projects will focus on detecting, blocking, and ...
- Five Eyes nations fear wave of Russian attacks against critical infrastructure
April 20, 2022
The Five Eyes nations’ cybersecurity agencies this week urged critical infrastructure to be ready for attacks by crews backed by or sympathetic to the Kremlin amid strong Western opposition to Russia’s invasion of Ukraine. The joint alert, issued by cybersecurity authorities in the US, UK, Australia, Canada and New Zealand, provides technical details on more than ...
- US Treasury links North Korean hacker group Lazarus to $600M Axie Infinity heist
April 14, 2022
The US Treasury Department on Thursday linked a notorious North Korean hacking group to a massive $600 million cyber breach last month. The connection was clear when the Treasury Department updated its sanctions listing for the hacking group, called Lazarus Group. The federal agency added a cryptocurrency address that was used to steal $600 million from ...
- Demand for cyber threat intel growing, White House official says
April 6, 2022
Private sector companies are increasingly asking the federal government for cyber threat intelligence as they seek to shore up their defenses against growing online threats, a White House cyber official told lawmakers on Wednesday. Robert Knake, a U.S. official in charge of budget and policy at the White House’s Office of the National Cyber Director, told ...