Ally Marotti reports: At least two employees at Sinai Health System had their email accounts compromised in a phishing incident, potentially affecting the information of 11,350 people. The seven-member hospital system said in a statement Thursday that it cannot confirm whether any patient information in the email accounts was viewed. However, there is a low…
Category: Phishing
Basic training in avoiding phishing is no longer sufficient
Oof. I read something like this notification below from Boise Cascade Company in Utah, and I wonder if the employees had been regularly trained in avoiding phishing attacks, or if it was just the case that the phishing was done so damned well that the employees fell for it despite their training. In this case,…
Baptist Health Louisville notifies 880 patients after phishing incident
Baptist Health Louisville in Kentucky recently notified 880 patients of a phishing incident. The incident was also reported to the U.S. Department of Health and Human Services. According to a substitute notice in response to the breach, on October 3, Baptist Health discovered that an employee’s email account credentials were obtained by an unauthorized third-party…
9,500 patients at the Medical College of Wisconsin notified of phishing incident
Guy Boulton reports: Confidential medical information or other personal data of 9,500 patients at the Medical College of Wisconsin was compromised by a targeted attack on the school’s email system in July, the Medical College said Friday. The compromised email accounts contained one or more of the following types of information: patients’ names, home addresses, dates…
UPMC Susquehanna notifies 1,200 patients of data breach
The Daily Item reports: UPMC Susquehanna has notified 1,200 patients treated at various UPMC Susquehanna locations that their personal information — including names, dates of birth, contact information and Social Security numbers — may have been inappropriately accessed. Read more on Daily Item. So far, it’s reading like a phishing incident.
Chase Brexton Health Care notifies more than 16,000 patients after phishing incident
Chase Brexton Health Care in Maryland recently notified 16,562 patients after four employees fell for a phishing attack. The phishing emails were sent on August 2 and 3, and by August 4, the attackers had re-routed employees’ paychecks. Of note, there was no evidence that the attackers were seeking – or ever accessed or viewed –…