Over 19,000 online accounts on California's welfare platform, BenefitsCal, were compromised by unauthorized access.

Personal data such as names, addresses, and Social Security numbers were exposed during the breach.

The security incident stemmed from password reuse, with credentials obtained from third-party site breaches.

BenefitsCal responded by deactivating affected accounts and bolstering security with measures like two-factor authentication (2FA).

Notifications are being sent to the impacted users with guidance on securing their accounts, but it's unknown if identity protection services will be offered.

The breach spanned almost a year, from March 1, 2023, to February 13, 2024, highlighting the importance of unique and strong password hygiene.