The health department for the U.S. state of Illinois has confirmed that a years-long security lapse exposed the personal information of more than 700,000 state residents.
The Illinois Department of Human Services (IDHS) said in a statement on January 2 that an internal mapping website containing residents’ personal information, which officials used for assisting with the allocation of state resources, was inadvertently publicly viewable as far back as April 2021 through September 2025, when the security lapse was discovered. Officials said the exposed data included personal information on 672,616 individuals who are Medicaid and Medicare Savings Program recipients. The data included their addresses, case numbers, and demographic data — but not individuals’ names.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Social Engineering Tactics Targeting Healthcare & Public Health Entities and Providers
June 24, 2024
Access to employees’ email accounts, and then pivoted to specifically target login information related to the processing of reimbursement payments to insurance companies, medicare, or similar entities. To gain initial access to victim networks, the threat actor acquired credentials through social engineering or phishing. In some observed instances, the threat actor called an organization’s IT Help ...
- Fictitious Law Firms Targeting Cryptocurrency Scam Victims Offering to Recover Funds
June 24, 2024
The Federal Bureau of Investigation (FBI) is issuing this announcement to inform the public of an emerging criminal tactic used to further defraud cryptocurrency scam victims. This PSA is an update to Alert Number I-081123-PSA, published on 08/11/2023, titled, “Increase in Companies Falsely Claiming an Ability to Recover Funds Lost in Cryptocurrency Investment Scams.” Using social ...
- Was T-Mobile compromised by a zero-day in Jira?
June 21, 2024
A moderator of the notorious data breach trading platform BreachForums is offering data for sale they claim comes from a data breach at T-Mobile. The moderator, going by the name of IntelBroker, describes the data as containing source code, SQL files, images, Terraform data, t-mobile.com certifications, and “Siloprograms.” To prove they had the data, IntelBroker posted ...
- Car Dealerships Across US Halt Services After Cyberattack
June 20, 2024
Thousands of car dealerships were ground to a halt during a normally busy holiday Wednesday by a cyber incident at CDK Global, a major software provider for dealers across the US. The company “shut all systems down and executed extensive testing and consulted with external third-party experts,” Tony Macrito, a CDK spokesman, said in an email. ...
- Cleveland City Hall to remain closed after ransomware attack
June 15, 2024
City officials have confirmed the “cyber incident” that has hamstrung city operations for days to be a ransomware attack. In such attacks, malicious software effectively locks up a computer or network system, preventing access until users pay a ransom, according to the FBI. Read more… Source: MSN News Sign up for our Newsletter Related:
- Pentagon ran secret anti-vax campaign to undermine China during pandemic
June 14, 2024
At the height of the COVID-19 pandemic, the U.S. military launched a secret campaign to counter what it perceived as China’s growing influence in the Philippines, a nation hit especially hard by the deadly virus. It aimed to sow doubt about the safety and efficacy of vaccines and other life-saving aid that was being supplied by ...