The state agency traced the breach to Hewlett-Packard Enterprise Services, the vendor that oversees the Medicaid information management system. CFHS said in a news release that an employee of Carewise Health, an HP subcontractor, responded to a telephone scam that gave remote access to a computer containing the beneficiaries' information.
The computer was disabled after the breach was reported, and the agency said scams of this nature typically involve charging people for unwanted computer services.
HP will provide free credit monitoring to affected individuals to monitor for identity theft.
The largest hacker attack on Medicaid beneficiary data occurred in Utah in March. Utah's Department of Technology Services notified 780,000 people that their data, including Social Security numbers for as many as 280,000 individuals, had been compromised.
Utah officials in April said the hack was likely the work of operatives in Eastern Europe but did not at the time supply a reason it was targeted.