Oh dear. When I saw Verity Medical Foundation listed on HHS’s public breach tool this month with more than 14,000 patients impacted, I thought it might be just an updated report for the two incidents that they had disclosed in January. But no. It appears that Verity had yet another breach. Like the first two,…
Category: Phishing
Frederick Regional Health System notifies hospice patients of phishing incident
Frederick Regional Health System recently disclosed a phishing incident that compromised an undiclosed number of hospice patients’ personal and protected health information. Here is their notification, first reported by the Frederick News-Post. Frederick Regional Health System is committed to protecting the security and confidentiality of our patients’ information. Regrettably, this notice is to inform our…
Oregon DHS discloses breach potentially affecting 350,000 after successful phisher gained access to employees’ email accounts
KDRV reports: Oregon’s Department of Human Services (DHS) revealed on Thursday that the private data of more than 350,000 clients may have been accessed in a massive data breach that began earlier this year. The agency said that the breach stemmed from a phishing scam that infected the emails of nine separate employees after they…
Hartwig Moss Insurance Agency discloses data breach affecting 1,100 customers
Jennifer Larino reports: Hartwig Moss Insurance Agency, a fifth-generation New Orleans business on Canal Street, revealed Wednesday (March 20) that a data breach may have exposed personal info for roughly 1,100 customers. The breach involved basic information, including names, birthdates and driver’s license numbers, taken from the company’s insurance accounts, according to a news release….
US Healthcare institutions are vulnerable to phishing attacks: Survey
CISOMag reports on a recent survey and report, Assessment of Employee Susceptibility to Phishing Attacks at US Health Care Institutions, authored by Dr. William Gordon and colleagues. Not surprisingly, the survey found that the healthcare sector was susceptible to phishing attacks. How susceptible, you wonder? William specified that when the researchers sent simulated phishing emails,…
Carmel Unified School District notifies employees of phishing incident
Ouch. This isn’t a W-2 phishing attack, but in some ways, it seems even worse. Carmel Unified School District notified employees that a successful phishing attack had gained access to an employee’s email account that had “a limited number of documents.” Those documents may have contained employees’ or dependents’ information: Employee social security numbers Spouses’…