Now that I know what I’m looking for, I’m finding more evidence of targeted email attacks affecting members of Ascension Health. For previous reports on this incident, read here and here. On March 16, Sacred Heart Health System in Florida posted this notice on their site about a breach they reported to HHS as affecting…
Category: Malware
And then there were
And then there were three (Ascension Health entities breached)
Now can I say, “I told you so?” When Ascension Health wouldn’t answer my question as to whether there were other members who had also had a phishing incident recently other than the two hospitals I had already reported on, I was even more suspicious. Then this afternoon, I discovered that St. Agnes Health Care,…
Seton Family Health notifying 39,000 patients after employee falls for phish; Second Ascension Health member to report breach this week (Update2)
Is Ascension Health being targeted by attackers successfully acquiring employee e-mail account logins via phishing? (Update 2: It seems they are. See this post after reading the one below.) Zach Lozano reports that Seton Family of Hospitals will provide free identity monitoring and protection services for patients who had their personal information leaked in a phishing…
Banks seek to block Target’s deal with MasterCard over data breach
Reuters reports: A group of small banks and credit unions suing Target Corp over its massive data breach in 2013 are moving to block the retailer’s proposed $19 million settlement with MasterCard Inc, calling it a “sweetheart deal” aimed at undercutting their own claims for losses. Lawyers for plaintiffs in the lawsuit, which seeks class-action…
IN: St. Vincent Medical Group notifies patients after successful phishing attempt compromises PHI
St. Vincent Medical Group in Indiana, a member of Ascension Health, has provided a substitute notice following an e-mail phishing incident. According to their notice, a copy of which is posted on their web site, on December 3, 2014, they learned that an employee’s user name and password had been compromised as a result of e-mail phishing….
CozyDuke hackers targeting prominent US targets
John Leyden reports: A newly discovered group of cyber-spies are closely targeting high profile US targets, possibly including both the White House and the State Department. The so-called CozyDuke hackers make extensive use of spear-phishing, sometimes using emails containing a link to a hacked (otherwise legitimate) websites such as “diplomacy.pl”. Read more on The Register.