Matt Pilon reports: UConn Health on Friday disclosed that an unauthorized third party had accessed employee email accounts, potentially breaching the privacy of 326,000 patients and others. Of that number, 1,500 could have had their social security numbers exposed, UConn Health said. For others, potentially acquired details include names, dates of birth, addresses, and billing…
Category: Phishing
Centinela Valley Union High School District notifies employees of W-2 phishing incident
Ding! Ding! Ding! I think we have our first W-2 phishing report of this year, although of course I may have missed other ones. This one involves the Centinela Valley Union High School District in California. From their notification to the state: As a follow up to the email sent to you on January 31, 2019,…
Memorial Hospital at Gulfport phishing incident exposed 30,000 patients’ information
Anita Lee reports: Memorial Hospital is offering free credit monitoring and identify protection services to a “limited number” of patients whose Social Security numbers, health-insurance information and other personal details were part of an employee email account that a third party accessed. Janet Stuart, the hospital’s manager of marketing and communications, said the email account…
AU: Phishers compromise Optus email accounts
Juha Saarinen reports: Beware malware-laden missives. Email filtering company Mailguard is warning about an active phishing campaign emanating from compromised email accounts hosted on Optus’ optusnet.com.au domain. The messages purport to be advice recipients of remittance advices, invoices and insurance documents that are available for download. Should users click on the links to the documents…
Hackers targeted universities with phishing attacks
The FBI has published more about a case that was previously reported on this site (the DOJ’s press release at the time can be found here). Today, the FBI wrote: Two men who were citizens of Nigeria, living in Malaysia, and conducting their crimes from behind computers likely assumed they were safe from the reach…
SC: Roper St. Francis notifying patients after employees fall for phishing attack
Roper St. Francis posted the following notice on their web site on January 29: Roper St. Francis Healthcare values the privacy and confidentiality of our patients’ information. Regrettably, this notice is regarding a recent incident that may have involved some of your information. On November 30, 2018, we learned that an unauthorized actor may have…