Today’s reminder that health data shows up everywhere: an attack on Plumsted Township in New Jersey via employees’ email accounts. For more than 1 month, the attacker had access to their email environment.
From the town’s notification:
While the specific data elements vary for each potentially affected individual, and it is important to note that no potentially affected individual would have had all of the data elements listed below present in the impacted files, the scope of information potentially involved includes: name; address; Social Security number; date of birth; driver’s license number or state identification number; financial account information; medical history information; and health insurance or group plan number. Plumsted Township is in the process of notifying individuals whose information was involved.