ILLINOIS — Nearly 600 Illinois residents had their private health and identification data compromised in a February phishing attack that targeted a state employee, according to the Illinois Department of Healthcare and Family Services (HFS).
The breach, which affected 933 individuals overall, was publicly disclosed by HFS on June 6 after an investigation concluded. At least 564 victims were Illinois residents.
How the Cyberattack Happened
According to state officials, the phishing attack occurred on February 11, 2025. A hacker used an already-compromised government email address to send convincing messages to employees at HFS. One employee responded to the fake message, unknowingly giving the attacker access to their emails and attached documents.
“The emails looked trustworthy because they came from another government address the attacker had already hacked,” HFS explained in its official statement.
This breach potentially exposed the following personal information:
-
Full names
-
Social Security numbers
-
Driver’s license or state ID numbers
-
Child support and Medicaid case numbers
-
Financial account details
-
Dates of birth
What the State Did in Response
Once the breach was detected, HFS worked with the Illinois Department of Innovation and Technology (DoIT) — led by State CIO Brandon Ragle — to:
-
Block access to the malicious links
-
Reset passwords of potentially compromised employees
-
Issue new cybersecurity training materials to all staff
The department also notified affected individuals on May 23 and advised credit monitoring and fraud alert precautions, including placing security freezes with credit bureaus.
You can read the official media notice here.
Ongoing Cybersecurity Concerns in Illinois
This is not the first such incident. In April 2024, a separate phishing attack on the Illinois Department of Human Services exposed personal information of more than 1 million people, including 4,700 full Social Security numbers. That same month, two email accounts were compromised at the Illinois Secretary of State’s office, possibly leaking sensitive license and ID data.
Cybersecurity experts warn that phishing remains one of the most common ways hackers breach government systems, due to the human factor — even well-trained staff can fall for deceptive emails.
Read More: From TikTok to Main Street: Alexandra Kay Turns Coffee Dream Into Reality in Illinois
How Illinois Residents Can Protect Themselves
If your data may have been exposed or you’re simply concerned, experts recommend the following steps:
-
Check Your Credit Reports regularly through AnnualCreditReport.com
-
Place a Fraud Alert with one of the three major credit bureaus (Equifax, TransUnion, Experian)
-
Consider a Security Freeze, which prevents new credit lines from being opened without your consent
-
Enable Two-Factor Authentication on all sensitive accounts
-
Report Suspicious Emails to your email provider or IT department if you work in government or healthcare
A Reminder: Cybersecurity Is a Shared Responsibility
This incident is a wake-up call for residents and public institutions alike. Whether you work in government, healthcare, or simply manage your family’s finances, awareness of phishing threats is crucial.
One click can expose hundreds of people — but one step of caution can prevent it.
Have you or someone you know been affected by a state data breach? Share your experience or advice at ChicagoSuburbanFamily.com and help raise awareness.
