The health department for the U.S. state of Illinois has confirmed that a years-long security lapse exposed the personal information of more than 700,000 state residents.
The Illinois Department of Human Services (IDHS) said in a statement on January 2 that an internal mapping website containing residents’ personal information, which officials used for assisting with the allocation of state resources, was inadvertently publicly viewable as far back as April 2021 through September 2025, when the security lapse was discovered. Officials said the exposed data included personal information on 672,616 individuals who are Medicaid and Medicare Savings Program recipients. The data included their addresses, case numbers, and demographic data — but not individuals’ names.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- DoJ takes down Russian botnet that targeted WatchGuard and Asus routers
April 6, 2022
The US Justice Department in March carried out an operation that successfully removed malware known as “Cyclops Blink” from vulnerable internet-connected firewall devices, the department announced Wednesday. The operation disrupted the control the Russian Federation’s Main Intelligence Directorate (GRU) had over a global botnet of thousands of infected devices. The Cyclops Blink Malware specifically targeted WatchGuard ...
- Feds slay dark-web souk Hydra: Servers and $25m in crypto-coins seized
April 5, 2022
US and German federal agencies came down hard on Hydra, the longest-running known dark-web marketplace trafficking in illegal drugs and money-laundering services, with a multi-pronged attack that aimed to cut off multiple heads of the nefarious online beast. First, German federal police in coordination with US law enforcement seized Hydra servers and cryptocurrency wallets containing $25 ...
- National Security Agency employee indicted for ‘leaking top secret info’
April 1, 2022
The United States Department of Justice (DoJ) has accused an NSA employee of sharing top-secret national security information with an unnamed person who worked in the private sector. According to a DoJ announcement and the indictment, an NSA staffer named Mark Unkenholz “held a TOP SECRET/Sensitive Compartmented Information (SCI) clearance and had lawful access to classified ...
- Inspector general says the U.S. post office surveillance program exceeded legal authority
March 31, 2022
An inspector general probe into the U.S. Postal Service surveillance program, known as iCOP, concluded that the agency did not have the legal authority to conduct the sweeping intelligence collection and surveillance of American protesters and others between 2018 and 2021. The Postal Service Office of Inspector General launched an investigation into iCOP — which stands ...
- FBI: Ransomware Attacks Straining Local US Governments and Public Services
March 30, 2022
The FBI is informing Government Facilities Sector (GFS) partners of cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, and financial losses. Ransomware attacks against local government entities and the subsequent impacts are especially significant due to the public’s dependency on critical utilities, emergency ...
- Cyber Actors Target US Election Officials with InvoiceThemed Phishing Campaign to Harvest Credentials
March 29, 2022
The FBI is warning US election and other state and local government officials about invoicethemed phishing emails that could be used to harvest officials’ login credentials. If successful, this activity may provide cyber actors with sustained, undetected access to a victim’s systems. As of October 2021, US election officials in at least nine states received invoice-themed ...