Commercial News- Danville reports a phishing attack on April 25 successfully gained access to a number of Illinois Department of Human Services (IDHS) employees’ email accounts. The result was more than 1 million people had their information accessed. More than 4,700 people — three of whom were employees — had their Social Security numbers in their files.
Separately, public assistance account information (name, public assistance account number, and some combination of address, date of birth, Illinois State Board of Education Student Information System ID number, Recipient Identification Number, and cell phone number) was accessed for 1,118,993 customers. That information did not include SSNs.
On May 3, IDHS, in partnership with the Illinois Department of Innovation and Technology (DoIT), determined the incident was a reportable breach of security under PIPA.
The state’s disclosure did not identify who was responsible for the breach (if they even know) or whether there was any ransom demand made.
Read more at Yahoo!