DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

CA: ‘Phishing’ scam nets patient info from City of Hope employees’ email accounts

Posted on March 4, 2016 by Dissent

It feels like I’m seeing more phishing reports that hacking reports this past week. 

Ken Stone reports:

Some patient information was unlawfully accessed as a result of a “phishing” attack that targeted the email accounts of several City of Hope staffers, the Duarte cancer research and treatment facility reported Friday.

The data breach, which took place the week of Jan. 18, “resulted in unauthorized access to four staff members email accounts, officials said.

After securing the email accounts and notifying law enforcement and other appropriate agencies, City of Hope, with the assistance of a forensic information technology firm, launched an investigation that revealed three of the affected accounts contained protected patient information such as names, medical record numbers, dates of birth, postal and email addresses, phone numbers and some clinical information such as diagnoses and dates of service, the facility reported.

Read more on MyNewsLA.com

City of Hope’s press release follows:

City of Hope said today that during the week of Jan. 18, 2016 it was the target of a “phishing” email attack that resulted in unauthorized access to the email accounts of four staff members. A phishing email is an attempt to acquire personal information such as computer account usernames and passwords by sending an email that looks like it is coming from a trustworthy source.

City of Hope took prompt action to secure the email accounts and end the intrusion. In addition to notifying local law enforcement, City of Hope retained a leading forensic information technology firm to assist with its investigation of the incident, to evaluate its systems and processes and further strengthen its safeguards to protect against such attacks.

As part of City of Hope’s investigation of this incident and with the assistance of the forensic information technology firm, on Feb. 18, 2016, it was determined that three of the affected email accounts included a number of emails that contained one or more elements of protected health information, such as patient names, medical record numbers, dates of birth, addresses, email addresses, telephone numbers and some clinical information such as diagnoses, test results and dates of service, which may have been viewed. For the majority of patients, the information contained within the three breached email accounts contained only patient name and medical record number. With the exception of information relating to one patient, the information in the email accounts did not contain any Social Security numbers or financial information. It does not appear that the phishing attack targeted protected health information; instead, it appears the accounts were accessed for the purposes of sending spam emails to other individuals. City of Hope is sending notification letters to the affected patients, and is taking all appropriate steps to mitigate any potential harm to affected individuals.

City of Hope has also notified the Department of Health and Human Services, Office for Civil Rights and state agencies as required by law.

City of Hope takes great care to protect patient privacy and regrets any concerns or inconvenience this incident may have caused affected individuals. City of Hope has set up a toll-free hotline, 866-775-4209, to answer any questions.

About City of Hope

City of Hope is an independent research and treatment center for cancer, diabetes and other life-threatening diseases. Designated as a comprehensive cancer center, the highest recognition bestowed by the National Cancer Institute, City of Hope is also a founding member of the National Comprehensive Cancer Network, with research and treatment protocols that advance care throughout the nation. City of Hope’s main hospital is located in Duarte, California, just northeast of Los Angeles, with clinics throughout Southern California. It is ranked as one of “America’s Best Hospitals” in cancer by U.S. News & World Report. Founded in 1913, City of Hope is a pioneer in the fields of bone marrow transplantation and genetics. For more information, visit www.cityofhope.org or follow City of Hope on facebook, twitter, youtube or flickr.

Related posts:

  • Choice Cancer Care Treatment Center notifies patients of May data security incident
Category: Health DataPhishingU.S.

Post navigation

← AU: Sydney University ‘lost’ computer containing sensitive student information
Romanian National Pleads Guilty In Computer Hacking Scheme →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Qantas customers involved in mammoth data breach
  • CMS Sending Letters to 103,000 Medicare beneficiaries whose info was involved in a Medicare.gov breach.
  • Esse Health provides update about April cyberattack and notifies 263,601 people
  • Terrible tales of opsec oversights: How cybercrooks get themselves caught
  • International Criminal Court hit with cyber attack during NATO summit
  • Pembroke Regional Hospital reported canceling appointments due to service delays from “an incident”
  • Iran-linked hackers threaten to release emails allegedly stolen from Trump associates
  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.