HIPAA Journal reports a development in the aftermath of a UConn Health phishing attack that was first disclosed last month: A class action lawsuit has been proposed which seeks to recover damages for patients whose protected health information (PHI) was exposed in the UConn Health phishing attack that was discovered on December 24, 2018. The…
Category: Phishing
Verity Medical Foundation discloses third incident involving access to employees’ email accounts
Oh dear. When I saw Verity Medical Foundation listed on HHS’s public breach tool this month with more than 14,000 patients impacted, I thought it might be just an updated report for the two incidents that they had disclosed in January. But no. It appears that Verity had yet another breach. Like the first two,…
Frederick Regional Health System notifies hospice patients of phishing incident
Frederick Regional Health System recently disclosed a phishing incident that compromised an undiclosed number of hospice patients’ personal and protected health information. Here is their notification, first reported by the Frederick News-Post. Frederick Regional Health System is committed to protecting the security and confidentiality of our patients’ information. Regrettably, this notice is to inform our…
Oregon DHS discloses breach potentially affecting 350,000 after successful phisher gained access to employees’ email accounts
KDRV reports: Oregon’s Department of Human Services (DHS) revealed on Thursday that the private data of more than 350,000 clients may have been accessed in a massive data breach that began earlier this year. The agency said that the breach stemmed from a phishing scam that infected the emails of nine separate employees after they…
Hartwig Moss Insurance Agency discloses data breach affecting 1,100 customers
Jennifer Larino reports: Hartwig Moss Insurance Agency, a fifth-generation New Orleans business on Canal Street, revealed Wednesday (March 20) that a data breach may have exposed personal info for roughly 1,100 customers. The breach involved basic information, including names, birthdates and driver’s license numbers, taken from the company’s insurance accounts, according to a news release….
US Healthcare institutions are vulnerable to phishing attacks: Survey
CISOMag reports on a recent survey and report, Assessment of Employee Susceptibility to Phishing Attacks at US Health Care Institutions, authored by Dr. William Gordon and colleagues. Not surprisingly, the survey found that the healthcare sector was susceptible to phishing attacks. How susceptible, you wonder? William specified that when the researchers sent simulated phishing emails,…