The Illinois Department of Health has confirmed that years of security lapses have compromised the personal information of more than 700,000 state residents.
The Illinois Department of Human Services (IDHS) announced in a statement on January 2 that an internal mapping website containing residents' personal information that the agency used to help allocate state resources was inadvertently made available to the public from April 2021, when a security flaw was discovered, to September 2025.
Officials said the leaked data included personal information about 672,616 Medicaid and Medicare Savings Program beneficiaries. The data included addresses, case numbers, and demographic data, but not individual names.
The leaked data also included names, addresses, case circumstances, and other information about 32,401 people receiving services from the department's Rehabilitation Services Division.
IDHS said it could not confirm whether anyone viewed the published map during the four years it was accessible on the web.