Wendy Davis reports: The Association of National Advertisers suffered a phishing attack last year that may have resulted in the theft of employee data, including names and social security numbers, MediaPost has learned. The ANA said in a January 24 letter to former employees that it learned last October of a “possible data security incident.”…
Category: Phishing
Verity Health System of California, Inc. and Verity Medical Foundation Notify Individuals and Regulatory Bodies of Data Security Incident
From their public notification: [El Segundo, CA, January 25, 2019] – Although there is no evidence of the unauthorized access or use of individual health or personal information, Verity Health System of California, Inc. and Verity Medical Foundation (collectively “Verity”) are notifying potentially affected individuals that some of their personal information may have been accessed…
MI: Sacred Heart Rehabilitation Center notifies patients of phishing incident
Another day, another phishing report from a HIPAA-covered entity. This time, it’s Sacred Heart Rehabilitation Center in Michigan. The phishing attack itself occurred in early April. It’s not clear when the center first discovered the breach, but they only first discovered PHI was involved in November. The center’s release did not reveal numbers, and this is…
New tool automates phishing attacks that bypass 2FA
Catalin Cimpanu reports: A new penetration testing tool published at the start of the year by a security researcher can automate phishing attacks with an ease never seen before and can even blow through login operations for accounts protected by two-factor authentication (2FA). Named Modlishka –the English pronunciation of the Polish word for mantis– this…
LA: Caddo Schools scammed out of nearly $1 million
Marquel Sennet reports: The Caddo Parish School System is scammed out of nearly $1 million in tax payer money. The fraudulent activity is now being investigated by the FBI and local law enforcement. This phishing scheme targeted funds designated for Charter Schools USA, which operates Magnolia School of Excellence. Caddo Schools makes monthly payments to…
MI: Kent County Community Mental Health Authority notifies 2,284 patients after phishing attack
Kent County Community Mental Health Authority of Michigan, dba as Network180, issued a notice on their site about a HIPAA breach that they reported to HHS as affecting 2,284 patients. Here is the text of their notice: We are posting this notice as part of our serious commitment to privacy. We regret to inform the…