Clark University in Massachusetts began notifying some students whose personal information, including Social Security Numbers, were in an employee’s email account that had been accessed. According to their notification dated July 20, the university’s investigation revealed that an unauthorized individual could have accessed the employee’s email account between March 19 and March 23rd. From the wording…
Category: Phishing
NorthStar Anesthesia notifies patients after employee email accounts compromised
Between May 23 and 24, 2018, NorthStar learned of an email phishing campaign that resulted in the compromise of certain employees’ email credentials. NorthStar immediately took steps to respond and commenced an investigation to determine the nature and scope of the incident, as well as determine what information may be affected. The investigation included working…
Sunspire Health notifying patients after employee email accounts accessed in phishing attack
Joseph Goedert reports: Sunspire Health, a nationwide network of addiction treatment facilities, is notifying an undisclosed number of individuals and offering them credit and identity monitoring services after several employee email accounts were accessed in a phishing attack. While the size of the Sunspire attack is not yet publicly known, the incident soon will be…
University of Pittsburgh Medical Center- Cole notifies patients of personal data breach
The Wellsville Daily reports: UPMC Cole has notified 790 patients treated at UPMC Cole that their personal information may have been inappropriately accessed. […] As a result of UPMC Cole’s internal investigation, it was determined that there were two phishing attacks (e-mails sent from an external source that look like they are from a trusted…
Eight Arrested in Africa-Based Cybercrime and Business Email Compromise Conspiracy
In accordance with the Justice Department’s recent efforts to disrupt business email compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals, including many senior citizens, the Department announced Operation Keyboard Warrior, an effort coordinated by United States and international law enforcement to disrupt online frauds perpetrated from Africa. …
Email providers blacklist oregon.gov, now state can’t email some members of the public
When you think of consequences of employees clicking on phishing emails, did you ever think about how an entire state government might wind up having their email domain blacklisted? It happened to Oregon because oregon.gov was used to send out spam after an employee clicked on a phishing email. Hillary Borrud reports: Oregon’s state technology workers…