DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

CA: ‘Phishing’ scam nets patient info from City of Hope employees’ email accounts

Posted on March 4, 2016 by Dissent

It feels like I’m seeing more phishing reports that hacking reports this past week. 

Ken Stone reports:

Some patient information was unlawfully accessed as a result of a “phishing” attack that targeted the email accounts of several City of Hope staffers, the Duarte cancer research and treatment facility reported Friday.

The data breach, which took place the week of Jan. 18, “resulted in unauthorized access to four staff members email accounts, officials said.

After securing the email accounts and notifying law enforcement and other appropriate agencies, City of Hope, with the assistance of a forensic information technology firm, launched an investigation that revealed three of the affected accounts contained protected patient information such as names, medical record numbers, dates of birth, postal and email addresses, phone numbers and some clinical information such as diagnoses and dates of service, the facility reported.

Read more on MyNewsLA.com

City of Hope’s press release follows:

City of Hope said today that during the week of Jan. 18, 2016 it was the target of a “phishing” email attack that resulted in unauthorized access to the email accounts of four staff members. A phishing email is an attempt to acquire personal information such as computer account usernames and passwords by sending an email that looks like it is coming from a trustworthy source.

City of Hope took prompt action to secure the email accounts and end the intrusion. In addition to notifying local law enforcement, City of Hope retained a leading forensic information technology firm to assist with its investigation of the incident, to evaluate its systems and processes and further strengthen its safeguards to protect against such attacks.

As part of City of Hope’s investigation of this incident and with the assistance of the forensic information technology firm, on Feb. 18, 2016, it was determined that three of the affected email accounts included a number of emails that contained one or more elements of protected health information, such as patient names, medical record numbers, dates of birth, addresses, email addresses, telephone numbers and some clinical information such as diagnoses, test results and dates of service, which may have been viewed. For the majority of patients, the information contained within the three breached email accounts contained only patient name and medical record number. With the exception of information relating to one patient, the information in the email accounts did not contain any Social Security numbers or financial information. It does not appear that the phishing attack targeted protected health information; instead, it appears the accounts were accessed for the purposes of sending spam emails to other individuals. City of Hope is sending notification letters to the affected patients, and is taking all appropriate steps to mitigate any potential harm to affected individuals.

City of Hope has also notified the Department of Health and Human Services, Office for Civil Rights and state agencies as required by law.

City of Hope takes great care to protect patient privacy and regrets any concerns or inconvenience this incident may have caused affected individuals. City of Hope has set up a toll-free hotline, 866-775-4209, to answer any questions.

About City of Hope

City of Hope is an independent research and treatment center for cancer, diabetes and other life-threatening diseases. Designated as a comprehensive cancer center, the highest recognition bestowed by the National Cancer Institute, City of Hope is also a founding member of the National Comprehensive Cancer Network, with research and treatment protocols that advance care throughout the nation. City of Hope’s main hospital is located in Duarte, California, just northeast of Los Angeles, with clinics throughout Southern California. It is ranked as one of “America’s Best Hospitals” in cancer by U.S. News & World Report. Founded in 1913, City of Hope is a pioneer in the fields of bone marrow transplantation and genetics. For more information, visit www.cityofhope.org or follow City of Hope on facebook, twitter, youtube or flickr.

Category: Health DataPhishingU.S.

Post navigation

← AU: Sydney University ‘lost’ computer containing sensitive student information
Romanian National Pleads Guilty In Computer Hacking Scheme →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Chinese Hackers Hit Drone Sector in Supply Chain Attacks
  • Coinbase says hackers bribed staff to steal customer data and are demanding $20 million ransom
  • $28 million in Texas’ cybersecurity funding for schools left unspent
  • Cybersecurity incident at Central Point School District 6
  • Official Indiana .gov email addresses are phishing residents
  • Turkish Group Hacks Zero-Day Flaw to Spy on Kurdish Forces
  • Cyberattacks on Long Island Schools Highlight Growing Threat
  • Dior faces scrutiny, fine in Korea for insufficient data breach reporting; data of wealthy clients in China, South Korea stolen
  • Administrator Of Online Criminal Marketplace Extradited From Kosovo To The United States
  • Twilio denies breach following leak of alleged Steam 2FA codes

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • South Korea fines Temu for data protection violations
  • The BR Privacy & Security Download: May 2025
  • License Plate Reader Company Flock Is Building a Massive People Lookup Tool, Leak Shows
  • FTC dismisses privacy concerns in Google breakup
  • ARC sells airline ticket records to ICE and others
  • Clothing Retailer, Todd Snyder, Inc., Settles CPPA Allegations Regarding California Consumer Privacy Act Violations
  • US Customs and Border Protection Plans to Photograph Everyone Exiting the US by Car

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.