Springfield, IL (CAPITOL CITY NOW) – We’re learning just now about a potential data breach involving personal information affecting the Illinois Department of Healthcare and Family Services back in February, and potentially involving both employees and clients.

The state says someone tried to conduct a phishing scheme to try to gain access to the user names and passwords of department employees, sending those employees e-mails from another hacked government account.

The state says they talked with employees about what to do and not to do when they’re sent a request for state credentials. But, that person might have, in turn, gained personal information of clients.   The total number of people affected was 933, more than half of which are state residents.  Department clients were notified several weeks ago.

Immediately upon discovery, HFS worked with the Illinois Department of Innovation and Technology (DoIT) to block the link contained in the email and reset any employee’s password that may have been compromised,” said a state news release.

The information the hacker got might have varied, but could include anything from state ID numbers to social security numbers, so they recommend anyone affected look at putting security freezes on their credit reports.

If you think you might have been impacted, you can e-mail HFS.Privacy.Officer@illinois.gov.