Catalin Cimpanu reports: A cybercrime group operating since mid-2019 has breached the email accounts of high-ranking executives at more than 150 companies, cyber-security firm Group-IB reported today. The group, codenamed PerSwaysion, appears to have targeted the financial sector primarily, which accounted for more than half of its victims; although, victims have been recorded at companies…
Category: Phishing
Hackers may have accessed personal information of Aurora Medical Center Bay Area patients
Jake Prinsen reports: Hackers may have stolen personal information from patients at Aurora Medical Center Bay Area. Someone used an email phishing scam around January 1 to gain access to email accounts of several of the Marinette hospital’s employees, according to Advocate Health Aurora. Read more on Green Bay Press Gazette.
Medical Device Maker Faces California Privacy Suit After Breach
And once again, people rush to file potential class action lawsuits following a breach. It has been less than one month since Tandem Diabetes Care notified patients of a phishing incident that may have compromised personal and protected health information. But now one of those notified has filed a complaint in federal court, alleging, among…
Applications Software Technology LLC notifies employees of W-2 data breach
Remember the “good old days” when we were most worried about phishing or BEC attacks to get employees’ W-2 data for tax refund fraud scams? Have you seen any reports like that recently? I just realized that I haven’t when I saw one in the news today. Bill Toulas reports: “AST LLC” has announced a data…
MD: Doctors Community Medical Center notifies patients after phishing incident put patient info at risk
Doctors Community Medical Center in Maryland is notifying an unreported number of patients whose protected health information was potentially compromised by a phishing incident. In January, the center noticed unusual network activity in its payroll system. Their investigation revealed that a number of employees had fallen for a phishing attack and that the attacker(s) had…
Less than two weeks after an Indiana hospital reported a phishing-related HIPAA breach, they had a second one
I was working today on adding details to spreadsheets that I use in calculating the gap between breach and discovery, and between discovery and notification. One of the incidents I was looking into today involved a report from Lafayette Regional Rehabilitation Hospital in Indiana. On November 25, they learned that in July, 2019 someone had…