Another day, another phishing report from a HIPAA-covered entity. This time, it’s Sacred Heart Rehabilitation Center in Michigan. The phishing attack itself occurred in early April. It’s not clear when the center first discovered the breach, but they only first discovered PHI was involved in November. The center’s release did not reveal numbers, and this is…
Category: Phishing
New tool automates phishing attacks that bypass 2FA
Catalin Cimpanu reports: A new penetration testing tool published at the start of the year by a security researcher can automate phishing attacks with an ease never seen before and can even blow through login operations for accounts protected by two-factor authentication (2FA). Named Modlishka –the English pronunciation of the Polish word for mantis– this…
LA: Caddo Schools scammed out of nearly $1 million
Marquel Sennet reports: The Caddo Parish School System is scammed out of nearly $1 million in tax payer money. The fraudulent activity is now being investigated by the FBI and local law enforcement. This phishing scheme targeted funds designated for Charter Schools USA, which operates Magnolia School of Excellence. Caddo Schools makes monthly payments to…
MI: Kent County Community Mental Health Authority notifies 2,284 patients after phishing attack
Kent County Community Mental Health Authority of Michigan, dba as Network180, issued a notice on their site about a HIPAA breach that they reported to HHS as affecting 2,284 patients. Here is the text of their notice: We are posting this notice as part of our serious commitment to privacy. We regret to inform the…
WA: Here’s what you need to know about Chaplaincy Health Care’s email breach
Sara Schilling reports: Chaplaincy Health Care is offering free identity protection and credit monitoring to more than 1,000 people after a privacy breach. An employee’s email login credentials were compromised through an apparent phishing scheme. Read more on Tri-City Herald.
KS: Wichita State U. employees fall victim to phishing scam, lose paychecks
Suzanne Perez Tobias reports: At least three employees of Wichita State University did not receive their paychecks recently after they were targeted by computer hackers. The employees were victims of an e-mail phishing scheme, which asked them to type in their university ID number and password, allowing scammers to access bank account numbers, student records…