Cyber Incident Victim: Minnesota Department of Human Services

In June and July 2018, the Minnesota Department of Human Services (DHS) experienced two successful phishing attacks targeting employee email accounts. Attackers gained unauthorized access to the state email accounts of two DHS employees through these phishing campaigns, enabling them to view and download information contained within the compromised accounts. The department confirmed the breach in a public statement on October 4, 2018, after completing their investigation. While the exact dates of initial detection weren't disclosed, DHS took immediate steps to secure the affected accounts upon discovering the intrusions. The incidents remained under investigation for approximately three months before public notification.

The breach potentially exposed personal information of approximately 21,000 individuals who had interacted with DHS programs. On October 9, 2018, DHS began notifying affected individuals via mailed letters dated October 2, disclosing that attackers had "the ability to access" sensitive information during the two-month period. The department emphasized it found no evidence that data was actually viewed, downloaded, or misused. Public notification coincided with the posting of a formal breach notice on the DHS website, which described the attacks as part of an increasing trend of sophisticated cyberattacks targeting state agencies. DHS established a dedicated phone line (651-431-2255) for impacted individuals while continuing internal security improvements and employee training to prevent future phishing incidents.