- IDHS Accidentally Exposed Sensitive Data of 700,000 People Through Publicly Accessible Maps
- The data included addresses, case details, and health care plan information.
- Access restricted in September 2025; Affected individuals were notified, but no credit monitoring was offered.
The Illinois Department of Human Services (IDHS) kept an open Internet database, exposing sensitive data on 700,000 people to anyone who found it.
In a news release posted on the agency’s website in early January, it said the IDHS Division of Family and Community Services Office of Planning and Evaluation, a division that helps plan programs for low-income and vulnerable families, created maps that were supposed to help with resource allocation decisions.
The maps were created to help IDHS “determine where to open new field offices and were intended for internal IDHS use only.” But these maps were published on clearweb and were therefore accessible to all visitors.
Not exploited (yet)
The people affected by this incident can be divided into two categories, the IDHS explained: around 32,000 clients of the Division of Rehabilitation Services and more than 670,000 beneficiaries of the Medicaid and Medicare Savings Program.
For the first group, IDHS posted names, addresses, case numbers, case status, referral source information, region and office information, and status as DRS recipients.
For the second, the information displayed includes addresses, case numbers, demographic information, and the name of health care plans (such as Medicaid, Medicare, etc.). Anyone who thinks they might be affected should be wary of identity theft and fraud.
Due to the way these maps were configured and the data exposed, it is impossible to determine who viewed them and whether any malicious actors extracted the information found within them. However, IDHS says it has seen no evidence of attempted misuse.
The error was detected in late September 2025 and the agency responded by restricting access to authorized employees only. It is now notifying affected individuals and has created a toll-free number that customers can call for additional inquiries.
So far there was no information on identity theft or credit monitoring services, although they are standard practice in these types of situations.
Through The record
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
