Despite attempts to educate employees and consumers how not to fall for phishing attacks, they continue to pose a significant risk to businesses and individuals. Here are just three current news items from different sectors that all show the impact of phishing.
Kristen Jordan Shamus reports:
The personal information of about 33,850 Michigan Medicine patients was compromised through a phishing scheme that targeted employee emails, the Ann Arbor-based health system announced Thursday.
Cyberattackers were able to get names, medical record numbers, addresses, dates of birth, diagnostic and treatment information and/or health insurance information of some of the patients. Details about the coordination and care of some patients was also compromised.
Read more at Detroit Free Press
Brian Quarmby reports:
An alleged phishing scammer going by the pseudonym Monkey Drainer has reportedly swiped around $1 million worth of Ether via dubious copycat nonfungible token (NFT) minting websites this week.
Well-known blockchain sleuth ZachXBT was one of the first to track and highlight the activity, outlining on Oct. 26 that:
“Over the past 24 hrs ~700 ETH ($1m) has been stolen by the phishing scammer known as Monkey Drainer. They recently surpassed 7300 transactions from their drainer wallet after being around for only a few months.”
Read more at CoinTelegraph.
Sergiu Gatlan reports:
Cloud communications company Twilio disclosed a new data breach stemming from a June 2022 security incident where the same attackers behind the August hack accessed some customers’ information.
Twilio says this was a “brief security incident” on June 29. The attacker used social engineering to trick an employee into handing over their credentials in a voice phishing attack.
Read more at BleepingComputer.