I realize that some will fault the entity for making early notification before they have all the facts, but my hat is off to the Oregon Health Authority (OHA). On May 6, they suffered – and quickly stopped – a successful spear-phishing attack that gave the attacker access to one employee’s mail account. That account…
Category: Phishing
Numbers from the OS, Inc. breach dribble in…
OS, Inc. provides revenue management (billing) services to covered entities. I recently reported on a phishing-related breach they experienced in 2018 that was first disclosed this month. As I noted in that post, their notification specifically mentioned a number of their affected clients. Their disclosure did not, however, provide a total number of patients affected,…
Email breach exposes hospice patients
The Bulletin reports: An employee at Bend-based hospice Partners in Care was the victim of an email phishing attack that exposed the private health information of some patients. Partners In Care discovered the attack on March 4 and did an “extensive” forensic investigation and manual email review, according to a press release. The unidentified employee’s…
Class-action lawsuit filed against Baystate Health over data breach
Jim Kinney reports that the Baystate Health breach that impacted 12,000 patients has resulted in at least one potential class-action lawsuit. The suit was filed April 11 in U.S. District Court in Springfield, Massachusetts. Lead plaintiff Aleyda Torresis of Springfield, says she is now at heightened risk for identity theft and other cybercrime, according to…
PA: Partners for Quality notifies 3,673 clients after employee email accounts compromised
Pennsylvania-based Partners for Quality is an agency focused on providing services to children with intellectual and developmental disabilities who face behavioral health challenges. PFQ consists of four entities: Allegheny Children’s Initiative Citizen Care Lifeways, Inc. d/b/a Exceptional Adventures Milestone Centers, and Partners For Quality Foundation More information about the programs can be found on their…
KY: Scott County Schools victim of $3.7 million scam
WKYT reports: Scott County Schools has announced the district is a victim of a multi-million dollar online scam. The FBI is now investigating after Superintendent Dr. Kevin Hub said an undisclosed vendor told the district it never was paid for an invoice from two weeks ago. As the district investigated, it learned it fell victim…