Cyber Incident Victim: Manage My Case portal
Date:
May 2023
Location:
United States of America
Summary
A data breach occurred in Illinois' Application for Benefits Eligibility system via unauthorized accounts created in the Manage My Case portal, compromising personal information including names, Social Security numbers, addresses, and income details of Medicaid, SNAP, and TANF applicants and recipients. The attackers leveraged externally stolen data to link fraudulent accounts to legitimate user profiles. The responsible departments implemented measures to block further unauthorized access, notified affected individuals and state authorities, and established an assistance hotline while recommending victims contact credit agencies and the Federal Trade Commission for identity protection resources.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around May 12, 2023, the Illinois Department of Healthcare and Family Services (HFS) and Department of Human Services (IDHS) disclosed a data breach impacting the State of Illinois Application for Benefits Eligibility (ABE) system’s Manage My Case (MMC) portal. The ABE system determines eligibility for Medicaid, SNAP, and TANF programs administered by the state. Unauthorized actors created accounts within the ABE system using personal information stolen from an external source, then linked these fraudulent accounts to legitimate customer MMC accounts. This unauthorized linkage enabled access to sensitive personal data of individuals who had applied for or were receiving benefits through the portal. The compromised information included names, Social Security numbers, recipient identification numbers, addresses, phone numbers, and income details. The breach exposed vulnerabilities in the portal’s account linkage controls, though the specific method of initial external data theft was not detailed in the disclosure.
The departments implemented measures to address the breach and prevent further unauthorized access, though technical specifics of these actions were not provided. Notifications were issued to potentially affected individuals, the Illinois General Assembly, and the Office of the Illinois Attorney General. A dedicated assistance phone line (1-877-657-0006) was established and remained operational until August 14, 2023, to field inquiries. Impacted individuals were advised to contact consumer reporting agencies to place fraud alerts or security freezes on their accounts and directed to the Federal Trade Commission’s identity theft resources. The incident underscored risks to beneficiaries of critical state assistance programs, with potential consequences including identity theft and financial fraud due to the exposure of high-sensitivity data. No quantitative estimates of affected individuals or timelines of unauthorized access were disclosed in the available information.