Programming glitch takes rental assistance portal offline for two days
An online portal through which tenants impacted by COVID-19 can apply for rental assistance went offline for two days last week after the discovery of a programming glitch that compromised some personal information.
It was an applicant’s call on Feb. 1 to the Illinois Housing Development Authority’s call center that alerted the department to the problem. The applicant told a call center representative that they saw someone else’s document when they logged into their rental application, said IHDA’s spokesperson Amy Lee.
“As soon as this information was brought to our attention, we took immediate action to ensure the safety of our applicants was prioritized,” IHDA Executive Director Kristin Faust said in a news release. “IHDA fiercely guards the security of personal information in its possession and regrets this incident.”
The portal went offline and all access to external users was blocked while IHDA identified and resolved the issue. The portal was shut down until Thursday, Feb. 3, while IHDA identified and resolved the issue.
IHDA found the personal information exposure was the result of a coding error associated with web portal update, not hackers. The processing of applications for rental assistance was not affected by the error.
Tenants used the portal to apply to the Illinois Rental Payment Program, or ILRPP, funded by the federal American Rescue Plan Act signed by President Joe Biden in March.
The launch of the portal was delayed in November when testing found it could not handle the expected heavy traffic. The portal was opened on Dec. 6 but stopped accepting applications on Jan. 9. While the portal is no longer accepting new applications, it remains open until Feb. 17 so landlords can submit supporting documents for existing applications.
IHDA received more than 89,700 applications. Of those, 110 applications may have had their information compromised. Lee said they have no evidence, anecdotal or otherwise, that there was any use of the information that was compromised.
The coding was fixed, thoroughly tested and the portal was back online on Feb. 3. The state incurred no additional costs to fix the coding error, Lee said.