Minnesota Department of Human Services Company Cyber Security Posture
mn.govThe Minnesota Department of Human Services (DHS) helps provide essential services to Minnesotaโs most vulnerable residents. Working with many others, including counties, tribes and non-profits, DHS helps ensure that Minnesota seniors, people with disabilities, children and others meet their basic needs and have the opportunity to reach their full potential DHS employs a highly talented and dedicated workforce committed to providing services that produce positive outcomes for clients in a cost-effective manner. Employees have an opportunity to make a difference in the lives of Minnesotans every day. Be a part of growing team of talented professionals! Career opportunities at DHS Public policy analysts Human Service Technicians (Direct Care) Administrative and executive assistants Accountants and auditors Budget and business analysts Doctors and pharmacists Mental Health Professional Educators Human Resources Licensed Alcohol & Drug Counselor Nurses and nursing assistants Physical therapists Rehabilitation therapists Researchers, planners and data analysts Social workers Attorneys Health care administrators Eligibility and benefits representatives Interns and fellows
MDHS Company Details
minnesota-department-of-human-services
1909 employees
29229.0
922
Government Administration
mn.gov
Scan still pending
MIN_3087173
In-progress
MDHS Risk Score (AI oriented)Between 800 and 900
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
MDHS Global Score.png)
Minnesota Department of Human Services Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 800 and 900 |
Minnesota Department of Human Services Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Minnesota Department of Human Services | Breach | 85 | 4 | 03/2018 | MIN21149222 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: Minnesota Department of Human Services suffered a data breach through an employeeโs e-mail account. The attack exposed the personal information of about 11,000 people. The hackers were immediately detected and the servers were secured. | |||||||
| University of Minnesota | Breach | 100 | 5 | 07/2021 | UNI84623823 | Link | |
Rankiteo Explanation : Attack threatening the organizationโs existenceDescription: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the "U" hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach. | |||||||
| Metropolitan Council | Breach | 85 | 4 | 3/2024 | MET935072725 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: The Maine Office of the Attorney General reported a data breach involving the Metropolitan Council on December 6, 2024. The breach occurred between March 27, 2024, and May 27, 2024, affecting 16,935 individuals, including 14 residents of Maine. The compromised information potentially included names, addresses, phone numbers, and social security numbers. The organization is offering 12 months of credit monitoring through IDX. | |||||||
| Minnesota Department of Human Services | Data Leak | 60 | 4 | 11/2022 | MIN164122123 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: Minnesota Department of Human Services (DHS) suffered a data breach incident after a DHS employee accidentally emailed the parent billing statements of 4,307 individuals involved in the program. The billing statements included first and last names, addresses, DHS-generated billing account numbers, and parental fee account activity. DHS implemented new procedures to address the error that led to the incident, and communicated these procedure changes to staff. | |||||||
Minnesota Department of Human Services Company Subsidiaries
The Minnesota Department of Human Services (DHS) helps provide essential services to Minnesotaโs most vulnerable residents. Working with many others, including counties, tribes and non-profits, DHS helps ensure that Minnesota seniors, people with disabilities, children and others meet their basic needs and have the opportunity to reach their full potential DHS employs a highly talented and dedicated workforce committed to providing services that produce positive outcomes for clients in a cost-effective manner. Employees have an opportunity to make a difference in the lives of Minnesotans every day. Be a part of growing team of talented professionals! Career opportunities at DHS Public policy analysts Human Service Technicians (Direct Care) Administrative and executive assistants Accountants and auditors Budget and business analysts Doctors and pharmacists Mental Health Professional Educators Human Resources Licensed Alcohol & Drug Counselor Nurses and nursing assistants Physical therapists Rehabilitation therapists Researchers, planners and data analysts Social workers Attorneys Health care administrators Eligibility and benefits representatives Interns and fellows
Access Data Using Our API
Get company history
Rapid.png)
MDHS Cyber Security News
HHSโ Civil Rights Office Acts to Promote Fairness in Girlsโ Sports
OCR's investigation responds to the recent participation of a male athlete in a female-only high school softball championship. The maleย ...
Justice Department opens investigation into Minnesota for alleged hiring discrimination
The Department of Justice announced Thursday that its Civil Rights Division is investigating the state of Minnesota for possible hiringย ...
US probes Minnesota, George Mason University over DEI, hiring practises
The U.S. government on Thursday announced probes into hiring practices and diversity, equity and inclusion initiatives by the state ofย ...
Minnesotaโs expanded anti-fraud efforts include AI pilot project
Minnesota Gov. Tim Walz announced several additions to the state's efforts to crack down on fraud against government assistance programs.
Data breach at Minnesota Human Services Department may have compromised personal information for 4,000
Personal information for more than 4,300 people may have been compromised in a data breach within the Minnesota Department of Human Services,ย ...
Connected and Protected: The Importance of Regional Cyber Tabletop Exercises
The NACo AI Regional Forum series is convening local government elected officials, appointed officers, department heads, and staff across different geographicalย ...
Mass purge of federal workers creates chaos across agencies โ and other labor news
The Trump administration's so-called Department of Government Efficiency, led by world's richest man Elon Musk, rips through agencies with indiscriminateย ...
Trump administration abruptly terminates $226M in COVID-19 grants for Minnesota
It marks the latest loss of congressionally-approved federal funding for Minnesota, coming on the heels of the Trump administration pausing orย ...
Target Tech
Build and operate platforms, data centers, field devices and HQ collaboration tools that power Target operations across the world, helping our team members toย ...
MDHS Similar Companies
City of Philadelphia
With a workforce of 30,000 people, and opportunities in 1,000 different job categories, the City of Philadelphia is one of the largest employers in Southeastern Pennsylvania. As an employer, we operate through the guiding principles of service, integrity, respect, accountability, collaboration, dive
Oslo kommune
Med ca. 50 000 ansatte er Oslo kommune en av Norges stโโrste arbeidsplasser. Vi utvikler hovedstaden og leverer tjenester og tilbud til innbyggerne i Norges stโโrste by. Oslo vokser, og du kan bidra til โโข gjโโre Oslo til en god by โโข bo i โรรฌ ogsโโข i framtiden. Alt om jobb og karrieremuligheter i
Transportation Security Administration (TSA)
The Transportation Security Administration (TSA) is a component agency of the U.S. Department of Homeland Security (DHS), committed to securing the nationโs transportation systems to ensure safe and efficient travel for all. Our mission is to protect the American people by preventing threats and dis
Etat de Vaud
Le canton de Vaud, cโรรดest plus de 800 000 personnes vivant dans plus de 300 communes ! Rejoindre lโรรดAdministration cantonale vaudoise, cโรรดest sโรรดengager aux cโยฅtโยฉs de prโยฎs de 40โรรด000 personnes unies dans un mโโขme but : servir la population. Pourquoi nous suivre ? Dโยฉdiez votre quart dโรรดhe
Landeshauptstadt Hannover
Die Stadt Hannover entstand irgendwann im Mittelalter als kleine dรถrfliche Siedlung auf einer hochgelegenen und damit hochwasserfreien Terrasse der Leine (Honovere= das hohe Ufer). Nach dem 2. Weltkrieg erholte sich die Stadt schneller als man dachte. Auf den Trรผmmern wurde eine moderne Stadt er
Region Midtjylland
Region Midtjyllands mรฅl er at skabe sundhed, trivsel, vรฆkst og velstand for regionens 1,3 millioner borgere. Vi er cirka 30.000 kolleger, der er fรฆlles om at sikre helhed og sammenhรฆng for patienter, brugere og borgere i regionen. Det gรฆlder lige fra at tilbyde den bedste behandling her og nu til
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
MDHS CyberSecurity History Information
How many cyber incidents has MDHS faced?
Total Incidents: According to Rankiteo, MDHS has faced 4 incidents in the past.
What types of cybersecurity incidents have occurred at MDHS?
Incident Types: The types of cybersecurity incidents that have occurred incidents Breach and Data Leak.
How does MDHS detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through third party assistance with Outside forensics specialists and law enforcement notified with True and communication strategy with Providing options to prevent exploitation of personal information and alerting impacted individuals and remediation measures with Implemented new procedures to address the error, Communicated procedure changes to staff and containment measures with Secured Servers.
Incident Details
Can you provide details on each incident?
Incident : Data Breach
Title: Data Breach at Metropolitan Council
Description: The Maine Office of the Attorney General reported a data breach involving the Metropolitan Council on December 6, 2024. The breach occurred between March 27, 2024, and May 27, 2024, affecting 16,935 individuals, including 14 residents of Maine. The compromised information potentially included names, addresses, phone numbers, and social security numbers, and the organization is offering 12 months of credit monitoring through IDX.
Date Detected: 2024-12-06
Date Publicly Disclosed: 2024-12-06
Type: Data Breach
Incident : Data Breach
Title: University of Minnesota Data Breach
Description: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the 'U' hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach.
Date Detected: July 2021
Type: Data Breach
Incident : Data Breach
Title: Minnesota DHS Data Breach
Description: Minnesota Department of Human Services (DHS) suffered a data breach incident after a DHS employee accidentally emailed the parent billing statements of 4,307 individuals involved in the program. The billing statements included first and last names, addresses, DHS-generated billing account numbers, and parental fee account activity.
Type: Data Breach
Attack Vector: Human Error
Vulnerability Exploited: Human Error
Incident : Data Breach
Title: Minnesota Department of Human Services Data Breach
Description: Minnesota Department of Human Services suffered a data breach through an employeeโs e-mail account. The attack exposed the personal information of about 11,000 people. The hackers were immediately detected and the servers were secured.
Type: Data Breach
Attack Vector: Email Compromise
Vulnerability Exploited: Compromised Email Account
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Compromised Email Account.
Impact of the Incidents
What was the impact of each incident?
Incident : Data Breach MET935072725
Data Compromised: names, addresses, phone numbers, social security numbers
Incident : Data Breach MIN164122123
Data Compromised: first and last names, addresses, DHS-generated billing account numbers, parental fee account activity
Incident : Data Breach MIN21149222
Data Compromised: Personal Information
Systems Affected: Email Servers
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are names, addresses, phone numbers, social security numbers, Personal Information, Account Information and Personal Information.
Which entities were affected by each incident?
Incident : Data Breach MET935072725
Entity Type: Government
Industry: Public Administration
Customers Affected: 16935
Incident : Data Breach UNI84623823
Entity Type: Educational Institution
Industry: Education
Location: Minnesota, USA
Incident : Data Breach MIN164122123
Entity Type: Government Agency
Industry: Public Sector
Location: Minnesota, USA
Customers Affected: 4307
Incident : Data Breach MIN21149222
Entity Type: Government Agency
Industry: Public Administration
Location: Minnesota, USA
Customers Affected: 11000
Response to the Incidents
What measures were taken in response to each incident?
Incident : Data Breach UNI84623823
Third Party Assistance: Outside forensics specialists
Law Enforcement Notified: True
Communication Strategy: Providing options to prevent exploitation of personal information and alerting impacted individuals
Incident : Data Breach MIN164122123
Remediation Measures: Implemented new procedures to address the error, Communicated procedure changes to staff
Incident : Data Breach MIN21149222
Containment Measures: Secured Servers
How does the company involve third-party assistance in incident response?
Third-Party Assistance: The company involves third-party assistance in incident response through Outside forensics specialists.
Data Breach Information
What type of data was compromised in each breach?
Incident : Data Breach MET935072725
Type of Data Compromised: names, addresses, phone numbers, social security numbers
Number of Records Exposed: 16935
Sensitivity of Data: High
Personally Identifiable Information: True
Incident : Data Breach MIN164122123
Type of Data Compromised: Personal Information, Account Information
Number of Records Exposed: 4307
Sensitivity of Data: Medium
Personally Identifiable Information: first and last names, addresses
Incident : Data Breach MIN21149222
Type of Data Compromised: Personal Information
Number of Records Exposed: 11000
Personally Identifiable Information: True
What measures does the company take to prevent data exfiltration?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Implemented new procedures to address the error, Communicated procedure changes to staff.
How does the company handle incidents involving personally identifiable information (PII)?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through was Secured Servers.
References
Where can I find more information about each incident?
Incident : Data Breach MET935072725
Source: Maine Office of the Attorney General
Date Accessed: 2024-12-06
Incident : Data Breach UNI84623823
Source: University of Minnesota
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Maine Office of the Attorney GeneralDate Accessed: 2024-12-06, and Source: University of Minnesota.
Investigation Status
What is the current status of the investigation for each incident?
Incident : Data Breach UNI84623823
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through was Providing options to prevent exploitation of personal information and alerting impacted individuals.
Initial Access Broker
How did the initial access broker gain entry for each incident?
Incident : Data Breach MIN21149222
Entry Point: Compromised Email Account
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident?
Incident : Data Breach MIN164122123
Root Causes: Human Error
Corrective Actions: Implemented new procedures to address the error, Communicated procedure changes to staff
What is the company's process for conducting post-incident analysis?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Outside forensics specialists.
What corrective actions has the company taken based on post-incident analysis?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Implemented new procedures to address the error, Communicated procedure changes to staff.
Additional Questions
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on 2024-12-06.
What was the most recent incident publicly disclosed?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-12-06.
Impact of the Incidents
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were names, addresses, phone numbers, social security numbers, first and last names, addresses, DHS-generated billing account numbers, parental fee account activity and Personal Information.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was Email Servers.
Response to the Incidents
What third-party assistance was involved in the most recent incident?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Outside forensics specialists.
What containment measures were taken in the most recent incident?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Secured Servers.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were names, addresses, phone numbers, social security numbers, first and last names, addresses, DHS-generated billing account numbers, parental fee account activity and Personal Information.
What was the number of records exposed in the most significant breach?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 751.0.
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident are Maine Office of the Attorney General and University of Minnesota.
Investigation Status
What is the current status of the most recent investigation?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Initial Access Broker
What was the most recent entry point used by an initial access broker?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Compromised Email Account.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
