The Illinois Department of Human Services (IDHS) has revealed a significant security breach that exposed the personal information of over 700,000 residents for nearly four years. An internal mapping website, used to allocate state resources, was accidentally made publicly accessible from April 2021 until September 2025, when the issue was finally identified. The compromised data includes sensitive information about 672,616 individuals enrolled in Medicaid and the Medicare Savings Program. While the names of these individuals were not part of the exposed data, their addresses, case numbers, and demographic details were accessible. Additionally, information related to 32,401 individuals receiving services from the Division of Rehabilitation Services was also exposed, which included names, addresses, and case statuses. IDHS has not been able to confirm whether anyone accessed the site during the four years it was available online.