The health department for the U.S. state of Illinois has confirmed that a years-long security lapse exposed the personal information of more than 700,000 state residents.
The Illinois Department of Human Services (IDHS) said in a statement on January 2 that an internal mapping website containing residents’ personal information, which officials used for assisting with the allocation of state resources, was inadvertently publicly viewable as far back as April 2021 through September 2025, when the security lapse was discovered. Officials said the exposed data included personal information on 672,616 individuals who are Medicaid and Medicare Savings Program recipients. The data included their addresses, case numbers, and demographic data — but not individuals’ names.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- ‘Predator Files’ spyware scandal reveals brazen targeting of civil society, politicians and officials
October 9, 2023
Shocking spyware attacks have been attempted against civil society, journalists, politicians and academics in the European Union (EU), USA and Asia, according to a major new investigation by Amnesty International. Among the targets of Predator spyware are United Nations (UN) officials, a Senator and Congressman in the USA and even the Presidents of the European ...
- UK: ‘Cyber terrorist’ who hid data on James Bond-style cufflink refused parole
October 7, 2023
A “cyber terrorist” who was jailed after hiding his support for the so-called Islamic State on a James Bond-style cufflink has been refused parole. Samata Ullah, then 34, created a “one-stop shop” for terrorists from his bedroom in Cardiff, offering a range of guidance on how to stay one step ahead of police and security ...
- MGM Resorts estimates $100M loss due to cyber attack
October 6, 2023
MGM Resorts sent a letter to customers regarding the recent cyber incident that took place on Sept. 11. MGM Resorts stated that on or around Sept. 29, it determined that an unauthorized third party obtained the personal information of some of its customers on Sept. 11. The company also said it filed an 8-K form with ...
- IronNet, founded by former NSA director, shuts down and lays off staff
October 3, 2023
IronNet, a once-promising cybersecurity startup founded by a former NSA director and funded by cyber and defense investors, has shuttered and laid off its remaining staff following its collapse. In a regulatory filing published Friday, IronNet’s president and chief financial officer Cameron Pforr said the company had ceased all business activities as it prepares for ...
- U.S. DoD’s Critical Infrastructure Is Dangerously Insecure
October 2, 2023
As simmering tensions in East Asia rise to a boil, the recent discovery of a Chinese penetration of the U.S. military’s telecommunication systems in Guam should be setting off alarm bells across the executive branch and in the halls of Congress. Though Chinese penetration of U.S. networks for espionage has been well documented for more than ...
- Ransomware group demands $51 million from Johnson Controls after cyber attack
September 28, 2023
Johnson Controls, a multinational conglomerate that secures industrial control systems, security equipment, fire safety and air conditioning systems, has been hit by a massive cyber attack. The company, which employs over 100,000 people around the world, suffered a ransomware attack over the weekend which left data encrypted and caused it to shut down sections of ...