Roper St. Francis posted the following notice on their web site on January 29: Roper St. Francis Healthcare values the privacy and confidentiality of our patients’ information. Regrettably, this notice is regarding a recent incident that may have involved some of your information. On November 30, 2018, we learned that an unauthorized actor may have…
Category: Phishing
IN: Thousands Of Patients’ Information Compromised In Data Breach
Sierra Hignite reports: A data breach at Valley Professionals Health Care may have affected all seven of its health care locations, including their mobile site. Plus, personal information from thousands of patients has been compromised. It started when an employee received an email in late November that they believed to be from another health care organization…
ANA Suffers Phishing Attack, Possible Theft Of Data
Wendy Davis reports: The Association of National Advertisers suffered a phishing attack last year that may have resulted in the theft of employee data, including names and social security numbers, MediaPost has learned. The ANA said in a January 24 letter to former employees that it learned last October of a “possible data security incident.”…
Verity Health System of California, Inc. and Verity Medical Foundation Notify Individuals and Regulatory Bodies of Data Security Incident
From their public notification: [El Segundo, CA, January 25, 2019] – Although there is no evidence of the unauthorized access or use of individual health or personal information, Verity Health System of California, Inc. and Verity Medical Foundation (collectively “Verity”) are notifying potentially affected individuals that some of their personal information may have been accessed…
MI: Sacred Heart Rehabilitation Center notifies patients of phishing incident
Another day, another phishing report from a HIPAA-covered entity. This time, it’s Sacred Heart Rehabilitation Center in Michigan. The phishing attack itself occurred in early April. It’s not clear when the center first discovered the breach, but they only first discovered PHI was involved in November. The center’s release did not reveal numbers, and this is…
New tool automates phishing attacks that bypass 2FA
Catalin Cimpanu reports: A new penetration testing tool published at the start of the year by a security researcher can automate phishing attacks with an ease never seen before and can even blow through login operations for accounts protected by two-factor authentication (2FA). Named Modlishka –the English pronunciation of the Polish word for mantis– this…