MRT reports that once again, compromising employee email provides access for attackers: Midland Memorial Hospital announced Tuesday there was a data security incident involving a limited number of patients’ personal information. […] The hospital became aware on Oct. 13 that an unauthorized third party may have obtained access to an employee’s e-mail account on or…
Category: Phishing
Clarion U. students notified after employees fall for phishing attack
Ron Wilshire reports: Clarion University was notified of an email compromise that occurred because of a criminal phishing scam that compromised two email accounts in the registrar’s office. The unauthorized individual or individuals had access to the accounts between October 7 and October 10. “Clarion University is committed to data integrity and privacy protection,” said Communication Manager…
Sinai Health System notifies 11,350 patients after phishing incident
Ally Marotti reports: At least two employees at Sinai Health System had their email accounts compromised in a phishing incident, potentially affecting the information of 11,350 people. The seven-member hospital system said in a statement Thursday that it cannot confirm whether any patient information in the email accounts was viewed. However, there is a low…
Basic training in avoiding phishing is no longer sufficient
Oof. I read something like this notification below from Boise Cascade Company in Utah, and I wonder if the employees had been regularly trained in avoiding phishing attacks, or if it was just the case that the phishing was done so damned well that the employees fell for it despite their training. In this case,…
Baptist Health Louisville notifies 880 patients after phishing incident
Baptist Health Louisville in Kentucky recently notified 880 patients of a phishing incident. The incident was also reported to the U.S. Department of Health and Human Services. According to a substitute notice in response to the breach, on October 3, Baptist Health discovered that an employee’s email account credentials were obtained by an unauthorized third-party…
9,500 patients at the Medical College of Wisconsin notified of phishing incident
Guy Boulton reports: Confidential medical information or other personal data of 9,500 patients at the Medical College of Wisconsin was compromised by a targeted attack on the school’s email system in July, the Medical College said Friday. The compromised email accounts contained one or more of the following types of information: patients’ names, home addresses, dates…