"The Illinois Department of Human Services (IDHS) said in a statement on January 2 that an internal mapping website containing residents' personal information, which officials used for assisting with the allocation of state resources, was inadvertently publicly viewable as far back as April 2021 through September 2025, when the security lapse was discovered. Officials said the exposed data included personal information on 672,616 individuals who are Medicaid and Medicare Savings Program recipients."
"The data included their addresses, case numbers, and demographic data - but not individuals' names. The exposed data also included names, addresses, case statuses and other information relating to 32,401 individuals in receipt of services from the department's Division of Rehabilitation Services. IDHS said it was unable to determine if anyone had viewed the publicly exposed maps during the four years that they were accessible on the web."
The Illinois Department of Human Services confirmed an internal mapping website was publicly viewable from April 2021 through September 2025. The site contained residents' personal information used to assist allocation of state resources. Exposed data included records for 672,616 Medicaid and Medicare Savings Program recipients, listing addresses, case numbers, and demographic information, but not names. The exposure also affected 32,401 Division of Rehabilitation Services clients, including names, addresses, case statuses, and other details. IDHS could not determine whether anyone accessed the publicly exposed maps during the four years they were online.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]