Minnesota Department of Human Services Company CyberSecurity Posture

mn.gov
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

The Minnesota Department of Human Services (DHS) helps provide essential services to Minnesota’s most vulnerable residents. Working with many others, including counties, tribes and non-profits, DHS helps ensure that Minnesota seniors, people with disabilities, children and others meet their basic needs and have the opportunity to reach their full potential DHS employs a highly talented and dedicated workforce committed to providing services that produce positive outcomes for clients in a cost-effective manner. Employees have an opportunity to make a difference in the lives of Minnesotans every day. Be a part of growing team of talented professionals! Career opportunities at DHS Public policy analysts Human Service Technicians (Direct Care) Administrative and executive assistants Accountants and auditors Budget and business analysts Doctors and pharmacists Mental Health Professional Educators Human Resources Licensed Alcohol & Drug Counselor Nurses and nursing assistants Physical therapists Rehabilitation therapists Researchers, planners and data analysts Social workers Attorneys Health care administrators Eligibility and benefits representatives Interns and fellows

Minnesota Department of Human Services A.I CyberSecurity Scoring

MDHS

Company Details

Linkedin ID:

minnesota-department-of-human-services

Website:

http://mn.gov/dhs

Employees number:

1,925

Number of followers:

32,942

NAICS:

92

Industry Type:

Government Administration

Homepage:

mn.gov

IP Addresses:

Scan still pending

Company ID:

MIN_3087173

Scan Status:

In-progress

AI scoreMDHS Risk Score (AI oriented)

Between 700 and 749

https://images.rankiteo.com/companyimages/minnesota-department-of-human-services.jpeg
MDHS Government Administration
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
globalscoreMDHS Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/minnesota-department-of-human-services.jpeg
MDHS Government Administration
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

Minnesota Department of Human Services

Moderate
Current Score
708
Ba (Moderate)
01000
3 incidents
0 avg impact

Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.

DECEMBER 2025
708
NOVEMBER 2025
708
OCTOBER 2025
707
SEPTEMBER 2025
706
AUGUST 2025
705
JULY 2025
704
JUNE 2025
702
MAY 2025
701
APRIL 2025
700
MARCH 2025
699
FEBRUARY 2025
698
JANUARY 2025
696
NOVEMBER 2022
732
Data Leak
01 Nov 2022 • Minnesota Department of Human Services
Minnesota DHS Data Breach

Minnesota Department of Human Services (DHS) suffered a data breach incident after a DHS employee accidentally emailed the parent billing statements of 4,307 individuals involved in the program. The billing statements included first and last names, addresses, DHS-generated billing account numbers, and parental fee account activity. DHS implemented new procedures to address the error that led to the incident, and communicated these procedure changes to staff.

651
high -81
MIN164122123
Incident Details -
Type
Data Breach
Attack Vector
Human Error
Vulnerability Exploited
Human Error
Impact
first and last names addresses DHS-generated billing account numbers parental fee account activity
Response
Implemented new procedures to address the error Communicated procedure changes to staff
Data Breach
Personal Information Account Information Sensitivity Of Data: Medium first and last names addresses
Post Incident Analysis
Root Causes: Human Error Implemented new procedures to address the error Communicated procedure changes to staff
References
Blog URL Source URL
JUNE 2020
713
Vulnerability
16 Jun 2020 • Minnesota Department of Human Services (DHS)
Lack of Security Reviews Left Minnesota SNAP System Vulnerable to Breaches and Fraud

The Minnesota Department of Human Services (DHS) failed to conduct mandatory security reviews of its Supplemental Nutrition Assistance Program (SNAP) computer system in **2020 and 2023**, as revealed by federal audits. This system stores highly sensitive personal data of over **440,000 SNAP beneficiaries**, including private financial and identification details. The omission of these reviews was attributed to **resource constraints**, leaving the system vulnerable to **un detected security gaps, breaches, or fraud risks**. While the agency claimed compliance in **March 2024** under the new oversight of the Department of Children, Youth and Families (DCYF), beneficiaries expressed deep concerns over **data privacy and trust erosion** in public assistance programs. The exposed vulnerabilities could enable unauthorized access to confidential records, potentially leading to **identity theft, financial fraud, or misuse of personal information**. The audits explicitly warned that such negligence **heightens the likelihood of a breach**, though no confirmed incident was reported. The failure underscores systemic weaknesses in safeguarding critical welfare infrastructure, risking long-term reputational and operational damage.

708
critical -5
MIN3124431112425
Incident Details -
Type
Security Oversight Compliance Failure Potential Data Vulnerability
Vulnerability Exploited
Lack of Security Reviews Unpatched Security Gaps Resource Constraints in DHS
Impact
SNAP Eligibility Determination System Increased Risk of Breaches Potential Fraud Erosion of Public Trust Concerns from SNAP Beneficiaries Over Data Security Loss of Trust in Public Assistance Programs Potential Risk Due to Unsecured Personal Data
Response
Security Plan Review and Certification (March 2024) Ongoing Certification Process for 2025 Public Statements by DCYF Commissioner Tikki Brown Media Coverage via 5 INVESTIGATES
Data Breach
Personal Data of SNAP Beneficiaries (High) Potential Exposure (Names, Addresses, Financial Data, etc.)
Regulatory Compliance
Federal Single Audit Requirements for Information System Security Reviews
Lessons Learned
Regular security reviews and resource allocation are critical to preventing vulnerabilities in systems handling sensitive public welfare data. Delays in compliance can erode public trust and increase risks of fraud or breaches.
Recommendations
Prioritize and fund mandatory security reviews for systems handling sensitive data. Implement continuous monitoring and third-party audits to ensure compliance. Enhance transparency with beneficiaries regarding data security measures. Allocate dedicated resources for cybersecurity within public welfare agencies.
Investigation Status
Ongoing (Media Investigation by 5 INVESTIGATES; DCYF Claims Remediation Underway)
Customer Advisories
Public Statements by DCYF Commissioner Addressing Concerns
Initial Access Broker
SNAP Eligibility System Database
Post Incident Analysis
Lack of Resources in DHS for Security Reviews Failure to Comply with Federal Audit Requirements Inadequate Oversight of Critical Public Welfare Systems Security Plan Certification (March 2024) by DCYF Ongoing Certification Process for 2025 Media Engagement to Rebuild Public Trust
References
Blog URL Source URL
MARCH 2018
767
Breach
01 Mar 2018 • Minnesota Department of Human Services
Minnesota Department of Human Services Data Breach

Minnesota Department of Human Services suffered a data breach through an employee’s e-mail account. The attack exposed the personal information of about 11,000 people. The hackers were immediately detected and the servers were secured.

679
critical -88
MIN21149222
Incident Details -
Type
Data Breach
Attack Vector
Email Compromise
Vulnerability Exploited
Compromised Email Account
Impact
Personal Information Email Servers
Response
Secured Servers
Data Breach
Type Of Data Compromised: Personal Information
Initial Access Broker
Entry Point: Compromised Email Account
References
Blog URL Source URL

Frequently Asked Questions

According to Rankiteo, the current A.I.-based Cyber Score for Minnesota Department of Human Services is 708, which corresponds to a Moderate rating.

According to Rankiteo, the A.I. Rankiteo Cyber Score for November 2025 was 708.

According to Rankiteo, the A.I. Rankiteo Cyber Score for October 2025 was 707.

According to Rankiteo, the A.I. Rankiteo Cyber Score for September 2025 was 706.

According to Rankiteo, the A.I. Rankiteo Cyber Score for August 2025 was 705.

According to Rankiteo, the A.I. Rankiteo Cyber Score for July 2025 was 704.

According to Rankiteo, the A.I. Rankiteo Cyber Score for June 2025 was 702.

According to Rankiteo, the A.I. Rankiteo Cyber Score for May 2025 was 701.

According to Rankiteo, the A.I. Rankiteo Cyber Score for April 2025 was 700.

According to Rankiteo, the A.I. Rankiteo Cyber Score for March 2025 was 699.

According to Rankiteo, the A.I. Rankiteo Cyber Score for February 2025 was 698.

According to Rankiteo, the A.I. Rankiteo Cyber Score for January 2025 was 696.

Over the past 12 months, the average per-incident point impact on Minnesota Department of Human Services’s A.I Rankiteo Cyber Score has been 0 points.

You can access Minnesota Department of Human Services’s cyber incident details on Rankiteo by visiting the following link: https://www.rankiteo.com/company/minnesota-department-of-human-services.

You can find the summary of the A.I Rankiteo Risk Scoring methodology on Rankiteo by visiting the following link: Rankiteo Algorithm.

You can view Minnesota Department of Human Services’s profile page on Rankiteo by visiting the following link: https://www.rankiteo.com/company/minnesota-department-of-human-services.

With scores of 18.5/20 from OpenAI ChatGPT, 20/20 from Mistral AI, and 17/20 from Claude AI, the A.I. Rankiteo Risk Scoring methodology is validated as a market leader.