DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

CA: ‘Phishing’ scam nets patient info from City of Hope employees’ email accounts

Posted on March 4, 2016 by Dissent

It feels like I’m seeing more phishing reports that hacking reports this past week. 

Ken Stone reports:

Some patient information was unlawfully accessed as a result of a “phishing” attack that targeted the email accounts of several City of Hope staffers, the Duarte cancer research and treatment facility reported Friday.

The data breach, which took place the week of Jan. 18, “resulted in unauthorized access to four staff members email accounts, officials said.

After securing the email accounts and notifying law enforcement and other appropriate agencies, City of Hope, with the assistance of a forensic information technology firm, launched an investigation that revealed three of the affected accounts contained protected patient information such as names, medical record numbers, dates of birth, postal and email addresses, phone numbers and some clinical information such as diagnoses and dates of service, the facility reported.

Read more on MyNewsLA.com

City of Hope’s press release follows:

City of Hope said today that during the week of Jan. 18, 2016 it was the target of a “phishing” email attack that resulted in unauthorized access to the email accounts of four staff members. A phishing email is an attempt to acquire personal information such as computer account usernames and passwords by sending an email that looks like it is coming from a trustworthy source.

City of Hope took prompt action to secure the email accounts and end the intrusion. In addition to notifying local law enforcement, City of Hope retained a leading forensic information technology firm to assist with its investigation of the incident, to evaluate its systems and processes and further strengthen its safeguards to protect against such attacks.

As part of City of Hope’s investigation of this incident and with the assistance of the forensic information technology firm, on Feb. 18, 2016, it was determined that three of the affected email accounts included a number of emails that contained one or more elements of protected health information, such as patient names, medical record numbers, dates of birth, addresses, email addresses, telephone numbers and some clinical information such as diagnoses, test results and dates of service, which may have been viewed. For the majority of patients, the information contained within the three breached email accounts contained only patient name and medical record number. With the exception of information relating to one patient, the information in the email accounts did not contain any Social Security numbers or financial information. It does not appear that the phishing attack targeted protected health information; instead, it appears the accounts were accessed for the purposes of sending spam emails to other individuals. City of Hope is sending notification letters to the affected patients, and is taking all appropriate steps to mitigate any potential harm to affected individuals.

City of Hope has also notified the Department of Health and Human Services, Office for Civil Rights and state agencies as required by law.

City of Hope takes great care to protect patient privacy and regrets any concerns or inconvenience this incident may have caused affected individuals. City of Hope has set up a toll-free hotline, 866-775-4209, to answer any questions.

About City of Hope

City of Hope is an independent research and treatment center for cancer, diabetes and other life-threatening diseases. Designated as a comprehensive cancer center, the highest recognition bestowed by the National Cancer Institute, City of Hope is also a founding member of the National Comprehensive Cancer Network, with research and treatment protocols that advance care throughout the nation. City of Hope’s main hospital is located in Duarte, California, just northeast of Los Angeles, with clinics throughout Southern California. It is ranked as one of “America’s Best Hospitals” in cancer by U.S. News & World Report. Founded in 1913, City of Hope is a pioneer in the fields of bone marrow transplantation and genetics. For more information, visit www.cityofhope.org or follow City of Hope on facebook, twitter, youtube or flickr.

Related posts:

  • Choice Cancer Care Treatment Center notifies patients of May data security incident
Category: Health DataPhishingU.S.

Post navigation

← AU: Sydney University ‘lost’ computer containing sensitive student information
Romanian National Pleads Guilty In Computer Hacking Scheme →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.