The Minnesota State IT Commissioner Johanna Clyborne told lawmakers on Wednesday that last summer’s data breach that jeopardized personal data of thousands of Minnesotans on Medical Assistance was caused by two state employees clicking on phishing links in e-mails.

“There are tools that can help us,” she said, “But at the end of the day there’s a human being on the other end of that box that clicks on a link.”

Republican Senator Mary Kiffmeyer isn’t satisfied with that explanation and said, “Any government agency is a high-value target. You can expect phishing. You can expect those things are going on and so, anticipating that should be a normal course of business.”