The Department of Justice announced a stunning arrest today of key players in one of the most damaging threat actors in the last decade. Kudos to all involved in their arrests. You can read the DOJ’s full press release below, but let’s start with a quote from a FIN7 hunter: “FIN7 is the most prolific and…
Category: Phishing
UnityPoint warns 1.4 million patients their information might have been breached by email hackers
The DesMoines Register reports: One of Iowa’s main hospital and clinic systems has notified about 1.4 million patients that their personal information might have been breached. UnityPoint Health officials said hackers used “phishing” techniques to break into the company’s email system. The company, based in West Des Moines, said the hackers could have obtained medical…
Clark University notifies students of phishing incident
Clark University in Massachusetts began notifying some students whose personal information, including Social Security Numbers, were in an employee’s email account that had been accessed. According to their notification dated July 20, the university’s investigation revealed that an unauthorized individual could have accessed the employee’s email account between March 19 and March 23rd. From the wording…
NorthStar Anesthesia notifies patients after employee email accounts compromised
Between May 23 and 24, 2018, NorthStar learned of an email phishing campaign that resulted in the compromise of certain employees’ email credentials. NorthStar immediately took steps to respond and commenced an investigation to determine the nature and scope of the incident, as well as determine what information may be affected. The investigation included working…
Sunspire Health notifying patients after employee email accounts accessed in phishing attack
Joseph Goedert reports: Sunspire Health, a nationwide network of addiction treatment facilities, is notifying an undisclosed number of individuals and offering them credit and identity monitoring services after several employee email accounts were accessed in a phishing attack. While the size of the Sunspire attack is not yet publicly known, the incident soon will be…
University of Pittsburgh Medical Center- Cole notifies patients of personal data breach
The Wellsville Daily reports: UPMC Cole has notified 790 patients treated at UPMC Cole that their personal information may have been inappropriately accessed. […] As a result of UPMC Cole’s internal investigation, it was determined that there were two phishing attacks (e-mails sent from an external source that look like they are from a trusted…