Minnesota DHS Subject to Two Data Breaches, Officials Say

Minnesota DHS Subject to Two Data Breaches, Officials Say Photo: Minnesota Department Human Services

October 11, 2018 04:11 PM

The Minnesota Department of Human Services were victims of a phishing email scam, where someone had the ability to access the information of approximately 21,000 individuals who interacted with the department.

DHS confirmed the potential breach Thursday in a statement.

Advertisement

DHS sent out a letter dated Tuesday to those individuals whose information may have been accessed. In the letter, it says incidents occurred in June and July. 

"The two email accounts contained information about some of the people who interacted with DHS between October 2010 and July 2018," the department said. "The vast majority of these people interacted with our State Medical Review Team, and a much smaller number interacted with one of our Direct Care and Treatment facilities."


More from KSTP:

5 INVESTIGATES: 'Hacker for Hire' Service Targeted Government Sites

Dayton Proposes $125M Worth of Cybersecurity Reforms


According to DHS, Minnesota IT Services secured the accounts and stopped the spread of the phishing emails. MNIT also investigated the incidents and reported the results of the investigation to DHS in August.

DHS reviewed every item in the accounts to determine who may have been affected.

In the statement, the department said, "We currently have no evidence that this information was actually clicked, viewed, downloaded, or misused." 

DHS said it is believed the data was able to be accessed after two employees clicked on a link they received in an email.

"The Minnesota Department of Human Services takes very seriously our responsibility to protect the private information and data of Minnesotans, and will continue our vigilant efforts to uphold the highest standards of IT security and data privacy," the department said in a statement.

This is not the first time a state agency has experienced a data breach.

In 2013, the Minnesota Department of Natural Resources announced one of its employees accessed the motor vehicle records of 5,000 people without authorization.

That same year, a worker at MNsure accidentally sent out the names and social security numbers of 2,400 insurance agents.

Credits

Ben Rodgers

Copyright 2018 - KSTP-TV, LLC A Hubbard Broadcasting Company

Advertisement

10-Year-Old Falls 50 Feet from Rocky Area in Taylors Falls, Seriously Injured

Mega Millions Jackpot Reaches $1 Billion Ahead of Tonight's Drawing

$215M Settlement Proposed in Alleged USC Gynecologist Abuse

Reward Offered for Apprehension of Suspect with Warrants in Minn.

Day 5: Jayme Closs Search Continues

Advertisement