Albany-based New York Oncology Hematology is notifying more than 128,400 employees and patients after discovering that 14 employees fell prey to phishing attacks in April. Although forensic invesgtigation did not find any clear evidence that attackers accessed employee or patient data in the employees’ email accounts, NYOH decided to notify everyone. As part of their web…
Category: Phishing
Russian APT comes back to life with new US spear-phishing campaign
Catalin Cimpanu reports: A Russian state-sponsored cyber-espionage group has come back to life after a one-year period of inactivity with a relative large spear-phishing campaign that has targeted both the US government and private sector. The hacking group is known in infosec circles as Cozy Bear, APT29, The Dukes, or PowerDuke, and is infamous because…
NL: Internet con men ripped off Pathe NL for €19m in business email compromise
Heads rolled in this one, when executives did not spot or prevent business email compromise. As reported by DutchNews.nl: The Dutch operation of the Pathé cinema group was ripped off by internet con men to the tune of over €19m, court documents published on Friday show. The con cost both the chief executive and financial…
FL: Health First, Inc. notified 42,000 patients after phishing incident
On October 5, Health First, Inc., a Florida-based healthcare provider, notified HHS of a breach that affected 42,000 patients. The incident was coded on HHS’s breach tool as hacking/IT incident involving e-mail. It has taken a while to obtain more details, but DataBreaches.net has now received a statement from Matthew Gerrell, Senior Vice President, Consumer…
Children served by Florida DOH child protective services may have had psychological and medical info accessed in hack
From the Pensacola News Journal: The Florida Department of Health has reported a data breach that may have comprised the personal information of some patients in Escambia, Santa Rosa, Okaloosa and Walton counties. The department completed an investigation and found that an unauthorized user compromised the Microsoft Outlook 365 account of an employee of the Children’s Medical…
Hackers using police, fire chiefs’ emails to try and steal information
Because why not, right?