Illinois Department of Healthcare and Family Services

Illinois Department of Healthcare and Family Services Vendor Cyber Rating & Cyber Score

illinois.gov

We work together to help Illinoisans access high quality health care and fulfill child support obligations to advance their physical, mental, and financial well-being.


IDHFS A.I CyberSecurity Scoring

IDHFS
Company Information
Website: http://hfs.illinois.gov
Employees number: 348
Number of followers: 4,098
NAICS: 62
Industry Type: Hospitals and Health Care
Homepage: illinois.gov
IDHFS Risk Score (AI oriented)
Between 550 and 599
Updated: 21/03/2026
583/1000
Very Poor
Ca
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium

IDHFS
Current Score: 583 Ca (VERY POOR), on a scale of 0 to 1000
3 incidents
-82 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026: 594 Before Incident
JUNE 2026: 594 Before Incident
MAY 2026: 590 Before Incident
APRIL 2026: 588 Before Incident
MARCH 2026: 582 Before Incident
FEBRUARY 2026: 578 Before Incident
JANUARY 2026: 657 Before Incident
Breach
06 Jan 2026, IDHFS
Illinois Department of Human Services: Illinois Department of Human Services reports yearslong data breach

IDHS Protected Health Information Data Breach

575 After Incident
CRITICAL -82
ILD1768217682
Illinois Department of Human Services Exposes Health Data of Over 700,000 Individuals for Over Three Years

The Illinois Department of Human Services (IDHS) recently disclosed a data breach involving the protected health information (PHI) of more than 705,000 individuals, which remained publicly accessible on a mapping website for over three years. The breach affected two groups: approximately 32,401 customers of the Division of Rehabilitation Services (DRS) and 672,600 recipients of the Medicaid and Medicare Savings Program.

The exposed data, uploaded to a public mapping platform used by IDHS’s Bureau of Planning and Evaluation, was intended for internal resource allocation purposes. Due to incorrect privacy settings, the information was viewable to the public from April 2021 to September 2025 for DRS customers and from January 2022 to September 2025 for Medicare Savings Program recipients. The breach included sensitive details such as names, addresses, case numbers, and demographic information, though Medicare recipients’ names were not exposed.

IDHS discovered the vulnerability on September 22, 2025, and immediately restricted access to authorized personnel. However, the agency failed to meet federal HIPAA requirements, which mandate notification of affected individuals and media outlets within 60 days of discovery. Instead, IDHS issued a public statement on January 2, 2026, 102 days after identifying the breach.

When questioned about the delayed discovery and notification, IDHS declined to provide an explanation, stating only that customer privacy was a priority and that corrective measures, including a new Secure Map Policy, had been implemented to prevent future incidents. The policy now prohibits the upload of identifiable customer data to public mapping platforms.
INCIDENT DETAILS
TYPE
Data Breach
IMPACT
Data Compromised: Protected health information, including names, addresses, case numbers, case status, referral source information, demographic data, and medical assistance plan details
Systems Affected: Public mapping website used by IDHS Bureau of Planning and Evaluation
Operational Impact: Implementation of new Secure Map Policy and internal review processes
Brand Reputation Impact: Negative impact on IDHS's reputation due to delayed notification and prolonged exposure of sensitive data
Legal Liabilities: Potential violations of HIPAA and other federal regulations
Identity Theft Risk: High risk due to exposure of personally identifiable information and protected health information
DATA BREACH
Protected health information
Personally identifiable information
Number Of Records Exposed: 705,001
Sensitivity Of Data: High
Names
Addresses
Case numbers
Demographic information
Referral source information
DECEMBER 2025: 657 Before Incident
NOVEMBER 2025: 655 Before Incident
OCTOBER 2025: 653 Before Incident
SEPTEMBER 2025: 651 Before Incident
AUGUST 2025: 649 Before Incident
FEBRUARY 2025: 703 Before Incident
Breach
01 Feb 2025, IDHFS
Illinois Department of Healthcare and Family Services and Illinois Department of Human Services: Illinois health data stolen in February phishing attack

Illinois Health Data Breach via Phishing Attack

634 After Incident
CRITICAL -69
ILDILD1767327524
Illinois Health Agency Reports Phishing Attack Exposing Sensitive Data

In February, the Illinois Department of Healthcare and Family Services (HFS) disclosed a data breach affecting 933 individuals, 564 of whom are state residents, after a phishing attack compromised an employee email account. Threat actors gained access by sending malicious emails from a previously hacked government account, enabling the exfiltration of personal data, including names, birthdates, driver’s license and state ID numbers, Social Security numbers, and financial details related to child support or Medicaid.

HFS responded by blocking malicious links, resetting employee passwords, and collaborating with the state Department of Innovation and Technology to contain the breach. While no evidence of misuse has been reported, affected individuals were advised to monitor credit reports and set up fraud alerts. The incident highlights ongoing cybersecurity risks in government systems, particularly through phishing and supply chain vulnerabilities.

Separately, U.S. and Australian authorities have issued warnings about active exploitation of the "MongoBleed" vulnerability in MongoDB, with concerns that advanced persistent threats (APTs) may target critical infrastructure sectors, including energy, water, and transportation.
INCIDENT DETAILS
TYPE
Data Breach
MOTIVATION
Data Exfiltration
IMPACT
Data Compromised: Names, birthdates, driver's license and state ID numbers, Social Security numbers, child support- or Medicaid-related financial details
Systems Affected: Employee email account
Brand Reputation Impact: Potential reputational damage to Illinois Department of Healthcare and Family Services
Identity Theft Risk: High
Payment Information Risk: Possible (Medicaid-related financial details)
DATA BREACH
Type Of Data Compromised: Personally Identifiable Information (PII), Financial Information
Number Of Records Exposed: 933
Sensitivity Of Data: High
Data Exfiltration: Yes
Personally Identifiable Information: Names, birthdates, driver's license and state ID numbers, Social Security numbers
APRIL 2023: 763 Before Incident
Breach
01 Apr 2023, IDHFS
Illinois Department of Human Services: Illinois Dept. Of Human Services Data Breach: 705k Affected

Illinois Department of Human Services Data Breach

674 After Incident
CRITICAL -89
ILD1770230857
Illinois Department of Human Services Suffers Major Data Breach Affecting 705,017 Individuals

The Illinois Department of Human Services (IDHS) disclosed a significant data breach impacting 705,017 individuals across the U.S. The incident, which occurred between April 2023 and September 2025, was discovered on September 22, 2025, and linked to a distributed denial-of-service (DDoS) attack claimed by the hacking group Red Wolf Cyber.

The breach exposed sensitive information, including names, addresses, case numbers, case statuses, referral sources, regional office details, and protected health information (PHI) related to IDHS services. While Social Security numbers and financial data were not compromised, the leaked personally identifiable information (PII) and PHI pose privacy risks for affected individuals.

Red Wolf Cyber first publicized the breach on the dark web on September 28, 2025, providing evidence of service disruptions. The U.S. Department of Health and Human Services was officially notified on January 9, 2026, and IDHS later posted a public notice on its website.

In response, IDHS took steps to mitigate the incident and inform those impacted. The agency emphasized that the breach stemmed from a DDoS attack rather than a direct database compromise, though the exposed data could still be exploited for phishing or fraud. Affected individuals were advised to monitor accounts linked to IDHS services for suspicious activity.
INCIDENT DETAILS
TYPE
Data Breach
IMPACT
Data Compromised: Names, addresses, case numbers, case statuses, referral sources, regional office details, protected health information (PHI)
Operational Impact: Service disruptions
Brand Reputation Impact: Potential privacy risks for affected individuals
Identity Theft Risk: High (due to PII and PHI exposure)
Payment Information Risk: None (Social Security numbers and financial data not compromised)
DATA BREACH
Personally Identifiable Information (PII)
Protected Health Information (PHI)
Number Of Records Exposed: 705,017
Sensitivity Of Data: High
Personally Identifiable Information: Names, addresses, case numbers, case statuses, referral sources, regional office details

Frequently Asked Questions

What is the current A.I Rankiteo Cyber Score for IDHFS?
What was IDHFS's A.I Rankiteo Cyber Score in June 2026?
What was IDHFS's A.I Rankiteo Cyber Score in May 2026?
What was IDHFS's A.I Rankiteo Cyber Score in April 2026?
What was IDHFS's A.I Rankiteo Cyber Score in March 2026?
What was IDHFS's A.I Rankiteo Cyber Score in February 2026?
What was IDHFS's A.I Rankiteo Cyber Score in January 2026?
What was IDHFS's A.I Rankiteo Cyber Score in December 2025?
What was IDHFS's A.I Rankiteo Cyber Score in November 2025?
What was IDHFS's A.I Rankiteo Cyber Score in October 2025?
What was IDHFS's A.I Rankiteo Cyber Score in September 2025?
What was IDHFS's A.I Rankiteo Cyber Score in August 2025?
What is the average per-incident point impact on IDHFS's A.I Rankiteo Cyber Score over the past 12 months?
Where can I access detailed records of all cyber incidents associated with IDHFS?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology?
Where can I view IDHFS's profile page on Rankiteo?
How accurate is the A.I Rankiteo Risk Scoring methodology?