Data Breach at Illinois Department of Human Services

The Illinois Department of Human Services (DHS) experienced a data breach in September of 2025. Medicaid beneficiaries began receiving notices of this data breach in January.

DHS uses an internal mapping website to allocate resources and to assist with decision making. In September 2025, DHS became aware that the website was made public. The maps contained Medicaid and Medicare Savings Program information, including a beneficiary's case number, address, demographic information, and which Medicaid program they are enrolled in. DHS immediately secured the map and created a policy that prohibits uploading customer data on a public website. 

DHS is not aware of any attempted misuse of personal information because of this incident.

Additional information can be found here.