Hackers used stolen passwords to access thousands of BenefitsCal accounts

Thousands of BenefitsCal users may have been affected by a data breach that was discovered in February and first reported in March.

BenefitsCal is a portal website that connects Californians to benefit programs such as food assistance (CalFresh), cash aid (CalWORKS, General Assistance or Cash Assistance Program) and affordable health insurance (Medi-Cal). The website is run as a joint venture of the California Statewide Automated Welfare System (CalSAWS), the Department of Social Services and the Department of Health Care Services.

On Feb. 9, BenefitsCal discovered that unauthorized individuals were logging into the portal using stolen login information including passwords taken from other websites. This access occurred between March 1, 2023 and Feb. 13, 2024. On March 26, BenefitsCal sent a letter to users, informing them of the breach.

The unauthorized individuals had access to users’ personal information, including their name, address, date of birth, part or all of their social security number, email address, phone number, EBT card number, case number, Medi-Cal ID number, and information about their program eligibility and benefits, according to the letter.

According to Department of Social Services spokeswoman Theresa Mier, after the breach was discovered, BenefitsCal notified 19,027 users that their accounts may have been impacted and advised them of actions they can take to secure their information.

“To enhance security, BenefitsCal now requires two-step verification. Users must now enter a one-time code sent to their email address or phone number on file to access the BenefitsCal system. Once this code is entered, users can access their case information,” Mier told The Bee in an email.