And once again, people rush to file potential class action lawsuits following a breach. It has been less than one month since Tandem Diabetes Care notified patients of a phishing incident that may have compromised personal and protected health information. But now one of those notified has filed a complaint in federal court, alleging, among…
Category: Phishing
Applications Software Technology LLC notifies employees of W-2 data breach
Remember the “good old days” when we were most worried about phishing or BEC attacks to get employees’ W-2 data for tax refund fraud scams? Have you seen any reports like that recently? I just realized that I haven’t when I saw one in the news today. Bill Toulas reports: “AST LLC” has announced a data…
MD: Doctors Community Medical Center notifies patients after phishing incident put patient info at risk
Doctors Community Medical Center in Maryland is notifying an unreported number of patients whose protected health information was potentially compromised by a phishing incident. In January, the center noticed unusual network activity in its payroll system. Their investigation revealed that a number of employees had fallen for a phishing attack and that the attacker(s) had…
Less than two weeks after an Indiana hospital reported a phishing-related HIPAA breach, they had a second one
I was working today on adding details to spreadsheets that I use in calculating the gap between breach and discovery, and between discovery and notification. One of the incidents I was looking into today involved a report from Lafayette Regional Rehabilitation Hospital in Indiana. On November 25, they learned that in July, 2019 someone had…
IE: Data of 9,735 teachers shared after ‘phishing’ email breach
Katherine Donnelly reports: A data breach at the Teaching Council has led to personal information relating to 9,735 teachers being shared. The council, which holds personal data on 104,000 serving and retired teachers, has alerted those affected and said it was “not likely to result in any real risk to you in circumstances where limited…
University of Utah Health notifies patients of phishing attacks that began in January
The University of Utah Health is notifying patients whose protected health information was in some employees’ email accounts after they fell for a phishing attack. The following is a notice posted on their website March 20th: We are committed to protecting the confidentiality of our patients’ information. Regrettably, this notice is regarding an incident involving…