US EditionIllinois Quick Hits: 700,000 Customers' Health Information Potentially Exposed
Incorrect privacy settings exposed personal details of roughly 700,000 Illinois Department of Human Services customers, prompting immediate access restrictions and new secure map policies.
- On Friday, the Illinois Department of Human Services announced that protected health information for more than 700,000 customers may have been compromised after maps on public mapping websites exposed names and addresses.
- Uploading maps with incorrect privacy settings made several internal planning maps containing customer data publicly viewable on public mapping websites.
- The department said records for 672,616 Medicaid and Medicare Savings Program recipients contained addresses, case numbers, demographic data and medical-assistance plan names, while maps showed data for 32,401 IDHS Division of Rehabilitation Services customers.
- IDHS changed privacy settings to restrict access, implemented a secure map policy banning customer-data uploads to public sites, and is notifying affected individuals with a notification phone line.
- Under HIPAA, breaches affecting 500 or more must be reported to the U.S. Department of Health and Human Services' Office for Civil Rights; the mapping website could not identify viewers and IDHS said it is unaware of misuse.
11 Articles
11 Articles
NBC Chicago
Health care data breach affects 600,000 patients, Illinois agency says
The names and addresses of thousands of patients of the Illinois Department of Human Services were incorrectly made publicly viewable for the last several years, the agency said Friday.
State discloses years-long exposure of sensitive data tied to Medicaid and disability services
The Illinois Department of Human Services disclosed Friday that sensitive information tied to hundreds of thousands of Illinois residents enrolled in Medicaid, Medicare savings programs, and state disability services was publicly accessible online for years due to incorrect privacy settings on internal planning maps. This state discloses a significant breach in data security. According to […]
Health care data breach affects 600,000 patients, Illinois agency says – Chicago Sun-Times
More than 32,000 customers with the Illinois Department of Human Services division of rehabilitation services had information publicly viewable between April 2021 and September 2025. The information included names, addresses, case numbers, case status, referral source information, region and office information and status as Division of Rehabilitation Services recipients, the agency said.
Chicago Tribune
State agency says information of more than 670,000 Illinois residents publicly exposed
The personal information of more than 670,000 Illinois residents may have been publicly accessible online for several years, the Illinois Department of Human Services said Friday. The department discovered Sept. 22 that maps created by one of its divisions on a mapping website were “publicly viewable due to incorrect privacy settings,” according to a notice shared with the media Friday. The maps were intended for the department’s internal use to…
DHS warns of security breach involving the information of thousands of Illinois Medicaid and Medicare Savings Program recipients
Mapping website was viewable by the public because of incorrect privacy setting SPRINGFIELD, Ill. – The Illinois Department of Human Services is confirming that the customer information of 32,401 Division of Rehabilitation Services, or DRS, customers and 672,616 Medicaid and Medicare Savings Program recipients was incorrectly made publicly accessible. DRS customers’ names, addresses, case numbers, case status, refer source information, region an…
Coverage Details
Bias Distribution
- 43% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
