Several customers and a few employees of a major state agency were victims of a data breach earlier this year.
The Illinois Department of Human Services announced today the agency experienced a privacy breach in April where multiple employee accounts were accessed by an outside entity’s phishing campaign.
Officials say the files accessed included the social security numbers of 4,701 IDHS customers as well as three employees.
IDHS has sent written notice to all of the individuals whose information was compromised and who had a current address on file with the agency.
According to the release, more than 1.1 million individuals with a public assistance account on file with IDHS also had their information exposed. Agency officials say the account information is significantly less sensitive, however, substitute notices were also sent to these individuals.
All of the written notices contained information on resources for available credit monitoring and IDHS says an in-depth forensic analysis, followed by a manual review of all compromised files to determine the nature of the breach was conducted. IDHS says it continues to train its employees on how to avoid and report phishing attempts.