Paul Kunert reports: The third-party mailbox used by Computacenter employees and contractors to deposit data for security clearance applications has been hacked and used in phishing scams. The company, one of Europe’s largest resellers, counts some of the biggest names in financial services among its corporate client base, and sells to a raft of local…
Category: Phishing
Legal Threats Make Powerful Phishing Lures
Brian Krebs reports: Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the recipient that he/she is being sued, and instruct them to review the attached file and respond within a few days — or else. Here’s a look at a recent…
Cancer Treatment Centers of America notifies patients after phishing attack on employee email account
Cancer Treatment Centers of America has been sending notification letters to patients whose protected health information was in an employee email account that was compromised by a phishing attack. The employee works at the Southeastern Regional Medical Center. The attack took place on March 10, 2019, and the attacker was potentially able to access the…
Equitas Health notifies 569 members after discovering two employee email accounts had been compromised
Equitas Health, Inc. (“Equitas Health”) learned that it was the victim of a data incident and is notifying individuals whose information may have been affected. On January 8, 2019, Equitas Health became aware of unusual activity within an employee’s email account. Equitas Health conducted an internal investigation which revealed that an unauthorized individual had access…
Oregon Health Authority provides early notification to Oregon State Hospital patients of a phishing incident
I realize that some will fault the entity for making early notification before they have all the facts, but my hat is off to the Oregon Health Authority (OHA). On May 6, they suffered – and quickly stopped – a successful spear-phishing attack that gave the attacker access to one employee’s mail account. That account…
Numbers from the OS, Inc. breach dribble in…
OS, Inc. provides revenue management (billing) services to covered entities. I recently reported on a phishing-related breach they experienced in 2018 that was first disclosed this month. As I noted in that post, their notification specifically mentioned a number of their affected clients. Their disclosure did not, however, provide a total number of patients affected,…