Illinois health agency left personal information of more than 700,000 residents accessible for years

Illinois Security Breach Exposes Sensitive Data of Over 700,000 Residents

The Illinois Department of Human Services (IDHS) has revealed that a prolonged security oversight led to the exposure of personal details belonging to more than 700,000 people in the state.

According to a statement released on January 2, an internal mapping tool used by officials to manage state resource distribution was unintentionally accessible to the public from April 2021 until September 2025, when the issue was finally identified.

The breach affected 672,616 individuals enrolled in Medicaid and the Medicare Savings Program. Information such as addresses, case numbers, and demographic details was exposed, though the data did not include the individuals’ names.

Additionally, the incident compromised the names, addresses, case statuses, and other sensitive information of 32,401 people who received support from the department’s Division of Rehabilitation Services.

IDHS stated that it could not confirm whether anyone had accessed the publicly available maps during the nearly four years they remained online.