Between May 23 and 24, 2018, NorthStar learned of an email phishing campaign that resulted in the compromise of certain employees’ email credentials. NorthStar immediately took steps to respond and commenced an investigation to determine the nature and scope of the incident, as well as determine what information may be affected. The investigation included working…
Category: Phishing
Sunspire Health notifying patients after employee email accounts accessed in phishing attack
Joseph Goedert reports: Sunspire Health, a nationwide network of addiction treatment facilities, is notifying an undisclosed number of individuals and offering them credit and identity monitoring services after several employee email accounts were accessed in a phishing attack. While the size of the Sunspire attack is not yet publicly known, the incident soon will be…
University of Pittsburgh Medical Center- Cole notifies patients of personal data breach
The Wellsville Daily reports: UPMC Cole has notified 790 patients treated at UPMC Cole that their personal information may have been inappropriately accessed. […] As a result of UPMC Cole’s internal investigation, it was determined that there were two phishing attacks (e-mails sent from an external source that look like they are from a trusted…
Eight Arrested in Africa-Based Cybercrime and Business Email Compromise Conspiracy
In accordance with the Justice Department’s recent efforts to disrupt business email compromise (BEC) schemes that are designed to intercept and hijack wire transfers from businesses and individuals, including many senior citizens, the Department announced Operation Keyboard Warrior, an effort coordinated by United States and international law enforcement to disrupt online frauds perpetrated from Africa. …
Email providers blacklist oregon.gov, now state can’t email some members of the public
When you think of consequences of employees clicking on phishing emails, did you ever think about how an entire state government might wind up having their email domain blacklisted? It happened to Oregon because oregon.gov was used to send out spam after an employee clicked on a phishing email. Hillary Borrud reports: Oregon’s state technology workers…
MO: Black River Medical Center notified patients whose information was potentially accessed
Black River Medical Center in Missouri has sent notification letters to an unspecified number of patients potentially affected by a phishing incident discovered in April. Here is their June 13 notice from their web site: Black River Medical Center has become aware of a potential data security incident that may have resulted in the inadvertent…