- IDHS accidentally exposed sensitive data of 700,000 people via public cards
- Data included addresses, case details, and health plan information.
- Access restricted September 2025; affected persons are notified, but credit monitoring is not offered
The Illinois Department of Human Services (IDHS) database on the open Internet, exposing the sensitive data of 700,000 people to anyone who found it.
A press release posted on the agency's website in early January said IDHS's Bureau of Planning and Evaluation in the IDHS Division of Family and Community Services, a division that helps plan programs for low-income and vulnerable families, had created maps that were intended to help make resource allocation decisions.
The maps were created to help IDHS “determine where to open new field offices and were intended for IDHS internal use only.” But these maps were posted online and were thus available to all visitors.
Not in use (yet)
According to IDHS, those affected by this incident fall into two categories: approximately 32,000 Division of Rehabilitation Services clients and more than 670,000 Medicaid and Medicare Savings Program recipients.
For the first group, IDHS provided names, addresses, case numbers, case status, referral source information, region and office information, and DRS recipient status.
In the second case, the information disclosed includes addresses, case numbers, demographic information, and names of health care plans (such as Medicaid, Medicare, etc.). Anyone who believes they may be influenced should be wary identity theft and fraud.
Because of the way these cards are created and the data exposed, it is impossible to determine who viewed them or whether attackers were able to steal the information found inside. However, IDHS says it found no evidence of attempted abuse.
The error was noticed in late September 2025, and the agency responded by limiting access to authorized employees only. The company is currently notifying affected individuals and has set up a toll-free number that customers can call for further inquiries.
No identity theft or credit monitoring services have been reported yet, although this is standard practice in such situations.
By using Record
The best antivirus for any budget
Follow TechRadar on Google News. And add us as your preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the “Subscribe” button!
And of course you can also Follow TechRadar on TikTok. for news, reviews, unboxing videos and get regular updates from us on whatsapp too much.
