The health department for the U.S. state of Illinois has confirmed that a years-long security lapse exposed the personal information of more than 700,000 state residents.
The Illinois Department of Human Services (IDHS) said in a statement on January 2 that an internal mapping website containing residents’ personal information, which officials used for assisting with the allocation of state resources, was inadvertently publicly viewable as far back as April 2021 through September 2025, when the security lapse was discovered. Officials said the exposed data included personal information on 672,616 individuals who are Medicaid and Medicare Savings Program recipients. The data included their addresses, case numbers, and demographic data — but not individuals’ names.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Colorado energy company loses 25 years of data after cyberattack while still rebuilding network
December 2, 2021
Colorado’s Delta-Montrose Electric Association (DMEA) is still struggling to recover from a devastating cyberattack last month that took down 90% of its internal systems and caused 25 years of historical data to be lost. In an update sent to customers this week, the company said it expects to be able to begin accepting payments through its ...
- DHS Announces New Cybersecurity Requirements for Surface Transportation Owners and Operators
December 2, 2021
WASHINGTON – DHS’s Transportation Security Administration (TSA) today announced two new Security Directives and additional guidance for voluntary measures to strengthen cybersecurity across the transportation sector in response to the ongoing cybersecurity threat to surface transportation systems and associated infrastructure. These actions are among several steps DHS is taking to increase the cybersecurity of U.S. ...
- Planned Parenthood LA: Ransomware attack leaks health data of 400,000 patients
December 2, 2021
Planned Parenthood Los Angeles has sent out breach notification letters to about 400,000 patients after the organization suffered from a ransomware incident between October 9 and October 17. In a letter shared with the California Attorney General’s office and sent out on November 30, the organization said it identified suspicious activity in its computer network on ...
- FBI Document Says the Feds Can Get Your WhatsApp Data – in Real Time
November 29, 2021
As Apple and WhatsApp have built themselves into multibillion-dollar behemoths, they’ve done it while preaching the importance of privacy, especially when it comes to secure messaging. But in a previously unreported FBI document obtained by Rolling Stone, the bureau claims that it’s particularly easy to harvest data from Facebook’s WhatsApp and Apple’s iMessage services, as long ...
- TSA makes changes to new cyber requirements after industry feedback
November 23, 2021
The Transportation Security Administration is softening the deadlines on new cybersecurity requirements for major passenger and freight rail operators, as the agency’s leader said it learned from efforts earlier this year to begin regulating the cybersecurity of the pipeline sector. TSA is expected to issue the new security directives for major railroad and rail transit entities ...
- UK and US join forces to strike back in cyber-space
November 18, 2021
The US and UK are joining forces to “impose consequences” on their shared adversaries who conduct malicious cyber-activities. The combined action would address “evolving threats with a full range of capabilities”, they said. The shared adversaries were not named but the announcement follows increasing concern over Russia-based ransomware. Read more… Source: BBC News