The health department for the U.S. state of Illinois has confirmed that a years-long security lapse exposed the personal information of more than 700,000 state residents.
The Illinois Department of Human Services (IDHS) said in a statement on January 2 that an internal mapping website containing residents’ personal information, which officials used for assisting with the allocation of state resources, was inadvertently publicly viewable as far back as April 2021 through September 2025, when the security lapse was discovered. Officials said the exposed data included personal information on 672,616 individuals who are Medicaid and Medicare Savings Program recipients. The data included their addresses, case numbers, and demographic data — but not individuals’ names.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- US lawmakers want to put NSO Group, 3 other spyware makers out of business with fresh severe sanctions
December 15, 2021
Eighteen US Democratic lawmakers have asked the Treasury Department and State Department to punish Israel-based spyware maker NSO Group and three other surveillance software firms for enabling human rights abuses. In a letter signed by US Senator Ron Wyden (D-OR), House Intelligence Committee Chairman Adam Schiff (D-CA), and 16 others, the legislators urge Secretary of ...
- US Cyber Command head confirms direct actions against ransomware gangs
December 8, 2021
General Paul M. Nakasone, head of US Cyber Command confirmed during a recent national security event that his agency has begun taking direct action against international ransomware gangs as part of a larger effort to curtail attacks on American companies and infrastructure. The General explained that his agency is working hand-in-hand with the NSA, FBI, and ...
- Canadian indicted for launching ransomware attacks on orgs in US, Canada
December 7, 2021
The FBI and Justice Department unsealed indictments today leveling a number of charges against 31-year-old Canadian Matthew Philbert for his alleged involvement in several ransomware attacks. Officials from the Ontario Provincial Police held a press conference on Tuesday to announce the charges and Philbert’s arrest in Ottawa. In a statement, US Attorney Bryan Wilson of the District ...
- U.S. State Department phones hacked with Israeli company spyware
December 3, 2021
Apple Inc iPhones of at least nine U.S. State Department employees were hacked by an unknown assailant using sophisticated spyware developed by the Israel-based NSO Group, according to four people familiar with the matter. The hacks, which took place in the last several months, hit U.S. officials either based in Uganda or focused on matters concerning ...
- Sensitive information of 30k Florida healthcare workers exposed in unprotected database
December 3, 2021
More than 30,000 US healthcare workers’ personal information was recently exposed due to a non-password protected database, according to security researcher Jeremiah Fowler and a team of ethical hackers with Website Planet. Fowler discovered a database run by Gale Healthcare Solutions with 170,239 exposed records that included names, emails, home addresses, photos and in some cases ...
- Indicators of Compromise Associated with Cuba Ransomware
December 2, 2021
The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors. Cuba ransomware is distributed through Hancitor malware, a loader known for dropping or executing stealers, such as ...