Minnesota Department of Human Services confirms data breach

A DHS employee fell for a phishing scam.
Author:
Publish date:

The Minnesota Department of Human Services has confirmed a data breach that may have compromised that private information of up to 3,000 staff and clients.

The department, which provides services to some of Minnesota's most vulnerable populations, says that a staff member fell for a phishing scam on Sept. 28, clicking on a malicious link.

This gave hackers access to the state email account of the DHS worker, potentially exposing the information of some who had connection with the department's Children and Family Services program.

"The hacker used this email account to send out spam email messages and may have accessed some of the information contained in the email account," a DHS statement said.

"We took steps to secure the email account, and currently have no evidence that any information was actually viewed, downloaded or misused in any way."

While there's no evidence yet that any data was taken, DHS Commissioner Tony Lourey told state lawmakers this week that the email account contained data on DHS workers and those who use its services.

This could have included names, dates of birth, phone numbers, emails and information on child protection cases.

Want a new way to find our stories? Follow BMTN on Flipboard

It also contained Social Security and driver's license numbers for about 30 people, the Pioneer Press reports.

Letters will go out to those impacted by the breach on Wednesday. 

It comes just a few months after the DHS announced two separate data breaches compromised the private information of as many as 21,000 Minnesotans, as KSTP reported.

Next Up

Related