Joseph Goedert reports: Sunspire Health, a nationwide network of addiction treatment facilities, is notifying an undisclosed number of individuals and offering them credit and identity monitoring services after several employee email accounts were accessed in a phishing attack. While the size of the Sunspire attack is not yet publicly known, the incident soon will be…
Category: Phishing
University of Pittsburgh Medical Center- Cole notifies patients of personal data breach
The Wellsville Daily reports: UPMC Cole has notified 790 patients treated at UPMC Cole that their personal information may have been inappropriately accessed. […] As a result of UPMC Cole’s internal investigation, it was determined that there were two phishing attacks (e-mails sent from an external source that look like they are from a trusted…
Eight Arrested in Africa-Based Cybercrime and Business Email Compromise Conspiracy
In accordance with the Justice Department’s recent efforts to disrupt business email compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals, including many senior citizens, the Department announced Operation Keyboard Warrior, an effort coordinated by United States and international law enforcement to disrupt online frauds perpetrated from Africa. …
Email providers blacklist oregon.gov, now state can’t email some members of the public
When you think of consequences of employees clicking on phishing emails, did you ever think about how an entire state government might wind up having their email domain blacklisted? It happened to Oregon because oregon.gov was used to send out spam after an employee clicked on a phishing email. Hillary Borrud reports: Oregon’s state technology workers…
MO: Black River Medical Center notified patients whose information was potentially accessed
Black River Medical Center in Missouri has sent notification letters to an unspecified number of patients potentially affected by a phishing incident discovered in April. Here is their June 13 notice from their web site: Black River Medical Center has become aware of a potential data security incident that may have resulted in the inadvertent…
Phishing theft of $93G at clean energy agency went unreported for months
Brian Dowling reports: A cyber scammer stole nearly $94,000 in public funds from the Massachusetts Clean Energy Center last year, with news of the theft-by-email taking 8 months to reach the quasi-public agency’s board of directors, according to a state audit. A review by State Auditor Suzanne M. Bump found the clean energy agency “unwittingly…