The Minnesota Department of Human Services says a data breach potentially exposed personal information on up to 3,000 people.
Commissioner Tony Lourey tells legislative leaders it happened Sept. 28 when an employee fell for a phishing scam and clicked on a malicious link that caused the employee’s email account to send spam.
Lourey says technicians could not identify what, if any personal information might have been accessed. But the compromised account contained data on DHS employees and clients, including names, dates of birth, phone numbers, emails and information on child protection cases. It also held Social Security and driver’s license numbers and financial data on about 30 people.
Letters started going out to the affected individuals Wednesday.
Around 21,000 Minnesotans were affected by a breach at the department last year.