Illinois Department of Human Services Data Exposure Affects 700K Residents
Summary
Hide ▲
Show ▼
The Illinois Department of Human Services (IDHS) exposed personal and health data of nearly 700,000 residents due to misconfigured privacy settings on a mapping website. The breach, discovered on September 22, 2025, involved maps intended for internal use that were publicly accessible for years. Two groups were affected: 672,616 Medicaid and Medicare Savings Program recipients had their addresses and demographic details exposed from January 2022 to September 2025, while 32,401 Division of Rehabilitation Services customers had their names and case details exposed from April 2021 to September 2025. The IDHS has since restricted access and notified affected individuals.
Timeline
-
09.01.2026 17:37 1 articles · 23h ago
IDHS Data Exposure Affects 700K Residents Due to Misconfigured Privacy Settings
On September 22, 2025, the Illinois Department of Human Services discovered that maps containing sensitive personal and health data were publicly accessible due to incorrect privacy settings. The breach affected nearly 700,000 residents, with data exposed for varying periods from April 2021 to September 2025. The IDHS has since restricted access and notified affected individuals.
Show sources
- Illinois Department of Human Services data breach affects 700K people — www.bleepingcomputer.com — 09.01.2026 17:37
Information Snippets
-
The breach was caused by incorrect privacy settings on a mapping website used by the IDHS Division of Family and Community Services.
First reported: 09.01.2026 17:371 source, 1 articleShow sources
- Illinois Department of Human Services data breach affects 700K people — www.bleepingcomputer.com — 09.01.2026 17:37
-
The exposed data included addresses, case numbers, demographic details, and medical assistance plan names for Medicaid and Medicare Savings Program recipients.
First reported: 09.01.2026 17:371 source, 1 articleShow sources
- Illinois Department of Human Services data breach affects 700K people — www.bleepingcomputer.com — 09.01.2026 17:37
-
The breach also exposed names, addresses, case numbers, case status, and referral sources for Division of Rehabilitation Services customers.
First reported: 09.01.2026 17:371 source, 1 articleShow sources
- Illinois Department of Human Services data breach affects 700K people — www.bleepingcomputer.com — 09.01.2026 17:37
-
The maps were publicly accessible from January 2022 to September 2025 for the larger group and from April 2021 to September 2025 for the smaller group.
First reported: 09.01.2026 17:371 source, 1 articleShow sources
- Illinois Department of Human Services data breach affects 700K people — www.bleepingcomputer.com — 09.01.2026 17:37
-
The IDHS restricted access to the maps on September 26, 2025, and has conducted a review to prevent similar incidents.
First reported: 09.01.2026 17:371 source, 1 articleShow sources
- Illinois Department of Human Services data breach affects 700K people — www.bleepingcomputer.com — 09.01.2026 17:37
-
The agency has notified affected individuals and reported the incident to relevant regulatory authorities.
First reported: 09.01.2026 17:371 source, 1 articleShow sources
- Illinois Department of Human Services data breach affects 700K people — www.bleepingcomputer.com — 09.01.2026 17:37