How many people were affected by the Illinois HFS data breach?

The data breach exposed sensitive personal information of 933 individuals who had interactions with the Illinois Department of Healthcare and Family Services.

How did the phishing attack on Illinois HFS work?

The attackers sent emails to HFS employees from another government email account that the bad actor had previously hacked, making the emails appear trustworthy to HFS employees and increasing the likelihood of successful compromise.

What type of data was compromised in the Illinois HFS breach?

The compromised data includes customer names, Social Security numbers, driver's license or state identification card numbers, financial information related to child support, child support identification and case numbers, Medicaid identification and case numbers, and dates of birth.

When were affected individuals notified about the Illinois HFS breach?

HFS sent notification to affected individuals on May 23, 2025, approximately three months after the February 11 phishing attack that led to the data breach.

What should affected individuals do after the Illinois HFS data breach?

HFS advised affected individuals to monitor their credit reports and consider placing fraud alerts or security freezes on their accounts to protect against potential identity theft or fraud resulting from the compromised personal information.

What made the phishing attack on Illinois HFS successful?

The phishing attack was successful because the attackers used a previously compromised government email account to send the malicious emails, making them appear legitimate and trustworthy to HFS employees, which increased the likelihood that employees would interact with the phishing content.

Incident

Illinois Department of Healthcare and Family Services reports data breach exposing almost 1000 people

published: June 6, 2025

Learn More

The Illinois Department of Healthcare and Family Services (HFS) reports a data breach that exposed sensitive personal information of 933 individuals following a phishing attack that occurred in February 2025.

The phishing campaign targeted HFS employees on February 11, 2025 and successfully compromised one employee's email account. The attackers sent emails to HFS employees from another government email account the bad actor had previously hacked, so that the emails looked trustworthy to HFS employees.

The attackers gained access to sensitive documents and personal information. The compromised data includes:

Customer names
Social Security numbers
Driver's license or state identification card numbers
Financial information related to child support
Child support identification and case numbers
Medicaid identification and case numbers
Dates of birth

HFS sent notification to affected individuals on May 23, 2025 and advised them to monitor their credit reports and consider placing fraud alerts or security freezes on their accounts.

Illinois Department of Healthcare and Family Services reports data breach exposing almost 1000 people

Read More
Philippine National Police shuts down systems after cyber …
Williamson County, Texas hit by cyberattack, data breach
Oxford City Council hit by cyberattack exposing two …
Personal information of victims, suspects, witnesses leaked in …
Large-scale DDoS attack hits Russia's food safety agency, …