Elizabeth Montalbano reports: Attackers are impersonating the stock-trading broker using fake websites to steal credentials as well as sending emails with malicious tax files. Attackers have targeted customers of stock-trading broker Robinhood with a phishing campaign aimed to steal their credentials and spread malware using fake tax documents, the company has warned. Read more on…
Category: Phishing
Iranian cyberspies target professionals at medical research organizations in the US, Israel
Catalin Cimpanu reports: Hackers linked to Iran have targeted 25 senior professionals at various medical research organizations located in the US and Israel as part of a weeks-long phishing campaign, email security firm Proofpoint revealed today. The attacks are part of a long series of attacks that have repeatedly and increasingly targeted medical and pharmaceutical…
Overseas Service Corporation notification of a breach
Another report we may not see on HHS’s public breach tool but that involves health information. This reads like it is a notification to employees based on the types of data involved, but it doesn’t actually say who the breach impacted. Overseas Service Corporation (“OSC”) announced today a phishing email incident that involved a small…
CA: St. Agnes Medical Center patient data compromised in email breach at St. Alphonsus
Donald A. Promnitz reports: Saint Agnes Medical Center has experienced a cybersecurity incident that originated with a sister hospital in the Pacific Northwest. According to a media release from Saint Agnes, an employee of Oregon/Idaho-based Saint Alphonsus Health System had their email compromised by an unauthorized user. This individual used the employee’s account to send…
Court Upholds Insurers’ Denial of $6M Crime Claim for Phishing Loss
Andrew G. Simpson reports: Real estate software maker RealPage has been denied a $6 million computer crime insurance coverage claim because the stolen funds were not in its possession but were instead being held by a payment processing firm at the time of a phishing scheme. National Union Fire Insurance Co. (a unit of American…
Volunteers of America Chesapeake & Carolinas Notice of Security Incident
This morning’s reminder that it’s not just HIPAA covered entities or business associates that may be exposing your medical information to a breach. Volunteers of America Chesapeake & Carolinas (“VOACC”) announced today a phishing email incident that involved a small number of email accounts in its computer environment. The phishing email incident resulted in unauthorized access to…