Illinois Faces Multiple Data Breaches Amid Cybersecurity Failures and Delayed Responses
Illinois state agencies have come under fire following a series of data breaches, including a prolonged exposure of sensitive information that went undetected for over three years. State Sen. Terri Bryant (R-Murphysboro) criticized the Illinois Department of Human Services (IDHS) after it revealed that protected health and financial data of more than 700,000 residents was left accessible on a public mapping website from 2021 until September 2025 due to incorrect privacy settings.
The breach was discovered in September 2025, but notifications to affected individuals were delayed beyond the 60-day federal requirement, with the agency taking 102 days to disclose the incident. Bryant questioned whether contractors such as Deloitte, which managed pandemic-related systems under a no-bid $21–$22 million contract, played a role in the failure. Deloitte was previously linked to data breaches in Illinois’ Pandemic Unemployment Assistance system, which led to lawsuits and settlements.
The IDHS breach follows a 2021 ransomware attack on the Illinois Attorney General’s office, where DoppelPaymer hackers exposed names, addresses, and Social Security numbers of millions after ransom demands went unmet. The state incurred significant costs for recovery and forensic audits.
Bryant highlighted a pattern of systemic failures under the Pritzker administration, contrasting the current response with a decades-old incident where a smaller breach prompted immediate action. While IDHS has since implemented a Secure Map Policy to restrict public data uploads, Bryant argued that affected residents should receive free credit monitoring, as in past breaches.
Republican lawmakers plan to press for answers, though Democrats control the General Assembly. Bryant called the repeated breaches preventable and criticized the financial burden on taxpayers, noting that similar incidents have led to costly remediation efforts. The agency has not yet explained the delayed notification or whether contractors were responsible.
Source: https://www.thecentersquare.com/illinois/article_768b2c31-ead6-403d-b4f3-785fae17503e.html
Deloitte Government & Public Services cybersecurity rating report: https://www.rankiteo.com/company/deloitte-government
"id": "DEL1768842388",
"linkid": "deloitte-government",
"type": "Breach",
"date": "6/2021",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'customers_affected': '700,000+ residents',
'industry': 'Public Sector',
'location': 'Illinois, USA',
'name': 'Illinois Department of Human Services (IDHS)',
'size': 'Large',
'type': 'Government Agency'},
{'customers_affected': 'Millions',
'industry': 'Public Sector',
'location': 'Illinois, USA',
'name': 'Illinois Attorney General’s Office',
'size': 'Large',
'type': 'Government Agency'}],
'attack_vector': ['Misconfigured Privacy Settings', 'Ransomware'],
'customer_advisories': 'Delayed notifications to affected residents',
'data_breach': {'data_exfiltration': 'Yes (DoppelPaymer ransomware)',
'number_of_records_exposed': '700,000+ (IDHS), Millions '
'(Attorney General’s Office)',
'personally_identifiable_information': 'Names, addresses, '
'Social Security '
'numbers',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Protected Health Information '
'(PHI)',
'Financial Data',
'Personally Identifiable '
'Information (PII)']},
'date_detected': '2025-09',
'description': 'Illinois state agencies faced multiple data breaches, '
'including a prolonged exposure of sensitive information due '
'to incorrect privacy settings on a public mapping website. '
'The breach affected over 700,000 residents and went '
'undetected for over three years. Additionally, a 2021 '
'ransomware attack on the Illinois Attorney General’s office '
'exposed personal data of millions.',
'impact': {'brand_reputation_impact': 'Significant reputational damage to '
'state agencies',
'data_compromised': 'Protected health and financial data, names, '
'addresses, Social Security numbers',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential lawsuits and settlements',
'operational_impact': 'Delayed notifications, recovery and '
'forensic audit costs',
'systems_affected': ['Illinois Department of Human Services (IDHS) '
'systems',
'Illinois Attorney General’s office systems']},
'investigation_status': 'Ongoing',
'lessons_learned': 'Need for immediate breach detection, timely '
'notifications, and contractor accountability. Free credit '
'monitoring should be provided to affected individuals.',
'motivation': ['Financial Gain', 'Data Exfiltration'],
'post_incident_analysis': {'corrective_actions': ['Secure Map Policy '
'implementation',
'Forensic audits'],
'root_causes': ['Incorrect privacy settings',
'Delayed detection',
'Contractor mismanagement']},
'ransomware': {'data_encryption': 'Yes',
'data_exfiltration': 'Yes',
'ransom_paid': 'No',
'ransomware_strain': 'DoppelPaymer'},
'recommendations': 'Implement stricter privacy settings, enhance monitoring, '
'ensure timely breach notifications, and provide credit '
'monitoring for affected residents.',
'references': [{'source': 'State Sen. Terri Bryant (R-Murphysboro)'}],
'regulatory_compliance': {'legal_actions': 'Potential lawsuits and '
'settlements',
'regulations_violated': ['60-day federal '
'notification requirement'],
'regulatory_notifications': 'Delayed (102 days)'},
'response': {'communication_strategy': 'Delayed notifications (102 days)',
'containment_measures': 'Secure Map Policy implemented to '
'restrict public data uploads',
'recovery_measures': 'Forensic audits, recovery efforts',
'third_party_assistance': 'Deloitte (contractor)'},
'threat_actor': 'DoppelPaymer',
'title': 'Illinois State Agencies Data Breaches and Cybersecurity Failures',
'type': ['Data Breach', 'Ransomware'],
'vulnerability_exploited': ['Incorrect Privacy Settings', 'Unpatched Systems']}