Kevin S. Held reports: More than 5,100 St. Louis Community College students and employees had their personal information accessed via a phishing scam. The data breach was discovered on January 13, according to a spokesperson for the college. Cybercriminals targeted employees and students through “a series of email phishing attacks” which ultimately gave them access…
Category: Phishing
Data breach potentially exposes Eastern Virginia Medical School employees’ bank accounts
Elisha Sauers reports: Eastern Virginia Medical School is trying to beef up its email security following a phishing scam that could have exposed employees’ personal information, including bank accounts and Social Security numbers. EVMS president and provost Richard V. Homan informed staff of the breach Monday. The school had discovered Wednesday that some files might…
VillageCareMAX & VillageCare Rehabilitative & Nursing Center Notices of Data Privacy Incident After Business Email Compromise
The following is part of the notice Village Senior Services Corporation d/b/a VillageCareMAX posted on their website. Note that the attacker was apparently requesting names and Medicaid ID numbers, which makes me wonder what the plan for misuse was — insurance fraud, perhaps? VillageCareMAX (“VCMAX”) is providing notice of an incident that may affect the…
PIH Health notifies almost 200,000 patients whose protected health information was sitting in employee email accounts that were compromised
Posted by PIH Health on their website on January 10, 2020: Notification of Data Security Incident January 10, 2020 – PIH Health has become aware of a data security incident that may have impacted personal information and protected health information belonging to certain current and former patients. On January 10, 2020, PIH Health notified potentially…
If states would only require — and then engage in — more transparency on breaches
Years ago, I had hoped more states would require breach notifications to central offices and that states would then share those reports with the public, much as New Hampshire had done. But things haven’t really become more transparent. Maryland and California remain positive examples of transparency, but New Hampshire’s site, while still available, has lost…
CA: Adventist Health Notifies 2,653 Patients After Phishing Incident
B. J. Hansen reports on a phishing incident that has resulted in Adventist Health Sonora notifying patients. According to the hospital, the incident was discovered on September 30, and an investigation was launched. On October 14, they discovered that the compromised associate’s account contained protected health information. The hospital’s notification states: Information that may have…