Another report we may not see on HHS’s public breach tool but that involves health information. This reads like it is a notification to employees based on the types of data involved, but it doesn’t actually say who the breach impacted. Overseas Service Corporation (“OSC”) announced today a phishing email incident that involved a small…
Category: Phishing
CA: St. Agnes Medical Center patient data compromised in email breach at St. Alphonsus
Donald A. Promnitz reports: Saint Agnes Medical Center has experienced a cybersecurity incident that originated with a sister hospital in the Pacific Northwest. According to a media release from Saint Agnes, an employee of Oregon/Idaho-based Saint Alphonsus Health System had their email compromised by an unauthorized user. This individual used the employee’s account to send…
Court Upholds Insurers’ Denial of $6M Crime Claim for Phishing Loss
Andrew G. Simpson reports: Real estate software maker RealPage has been denied a $6 million computer crime insurance coverage claim because the stolen funds were not in its possession but were instead being held by a payment processing firm at the time of a phishing scheme. National Union Fire Insurance Co. (a unit of American…
Volunteers of America Chesapeake & Carolinas Notice of Security Incident
This morning’s reminder that it’s not just HIPAA covered entities or business associates that may be exposing your medical information to a breach. Volunteers of America Chesapeake & Carolinas (“VOACC”) announced today a phishing email incident that involved a small number of email accounts in its computer environment. The phishing email incident resulted in unauthorized access to…
OH: Fisher-Titus Medical Center notified patients; employee email account accessed last year
Brandon Addeo reports: The personal information of patients at Fisher-Titus Medical Center was compromised after an unknown person gained access to an employee’s email account. According to a notice from the Norwalk hospital, someone accessed an employee’s email between August 2020 and October 2020. That email account contained personal information including people’s full names, Social…
Sequoia Capital Suffers Data Breach
Dark Reading reports: Sequoia Capital last week warned investors that some of their personal and sensitive information may have been exposed in a recent data breach of the firm. According to reports, Sequoia said the data may have been accessed by a third party in the breach, which occurred as a result of a successful phishing attack on an employee via email….