TopClassActions reports that a class action lawsuit against Orlando Family Physicians (OFP) has settled for an undisclosed sum. The settlement, which doesn’t include any admission of guilt by OFP, resolves claims surrounding an April 2021 data breach. The breach reportedly occurred when four OFP employees fell prey to a phishing attack. Although the attack was…
Category: Phishing
AllCare Plus Pharmacy notifies 5,971 patients of phishing incident last year
AllCare Plus Pharmacy, Inc. is an IQVIA business in Massachusetts. This week, they notified the Maine Attorney General’s Office of a phishing incident that affected 5,971 patients. According to their notification, on June 21, 2022, AllCare discovered that some employees had received phishing emails. Their investigation revealed that some of the employees’ accounts had been…
Beaver Medical Group notifying patients whose information was accessed in phishing incident
Beaver Medical Group (BMG) in California is part of Optum Health. On January 24, BMG discovered unusual activity in an employee’s workstation. Their investigation revealed that an unauthorized actor had launched a targeted phishing attack that gave them access to the employee’s email account. The types of personal and protected health information in that account…
Shopee, Carousell most popular platforms used by phishing scammers
CNA reports: Taipei, March 12 (CNA) Shopee and Carousell, two online marketplaces based in Singapore, have been the two C2C platforms on which customers were most likely to fall victim to phishing scams in Taiwan over the past five weeks, the Criminal Investigation Bureau (CIB) said Sunday. After analyzing information reported by the public on…
Activision did not notify employees of data breach for months
Lorenzo Franceschi-Bicchierai reports: On December 4, hackers successfully phished an employee at the games giant Activision, gaining access to some internal employee and game data. This data breach was not disclosed until last weekend, when cybersecurity and malware research group vx-underground posted on Twitter screenshots of the stolen data, as well as the hackers’ messages on Activision’s internal Slack…
Fake Ethereum Denver website linked to notorious phishing wallet
CoinTelegraph reports: A fake website of the popular Ethereum Denver conference is the latest phishing target of a red-flagged smart contract that has stolen over $300,000 worth of Ether. The popular conference saw its website duplicated by hackers this week in order to trick users into connecting their MetaMask wallets. Read more at CoinTelegraph.