HORNE LLP (“HORNE”) is providing notice of an incident that occurred at HORNE and may affect the security of protected health information of certain Forrest General Hospital patients. HORNE has access to these individuals’ personal health information as part of services HORNE provides for Forrest General Hospital with certain Medicaid reimbursement services. While HORNE is…
Category: Phishing
Harris County tightens security after almost losing $900K in phishing attack
Mihir Zaveri reports: On Sept. 21, not three weeks after Houston was ravaged by Hurricane Harvey, the Harris County auditor’s office received an email from someone named Fiona Chambers who presented herself as an accountant with D&W Contractors, Inc. The contractor was repairing a Harvey-damaged parking lot, cleaning up debris and building a road for…
The 2018 W-2 Phishing/BEC Victims List
As this site has done in 2016 and 2017, DataBreaches.net will maintain a list of entities that disclose that they have become victims of a W-2 phishing or business email compromise (BEC) attack. For 2016, we compiled 175 incidents (although some of them didn’t become public knowledge until 2017), and for 2017, we had 204 incidents…
Monticello Central School District notifying almost 2,600 of phishing attack last year
When I saw that Monticello Central School District in New York had submitted a breach notification to the Vermont Attorney General’s Office and it mentioned phishing, I thought we might have our very first W-2 phishing incident of 2018. But no, it seems that the school district is reporting a phishing incident that they believe…
Lebanese Government Hackers Hit Thousands of Victims With Incredibly Simple Campaign
Lorenzo Francesco-Bicchierai reports: Hackers allegedly working for the government of Lebanon stole hundreds of gigabytes from thousands of victims all over the world, and they did it using phishing, relatively simple custom-made malware with no fancy zero-day exploits, and using recycled infrastructure, according to a new report. Security researchers from digital rights organization Electronic Frontier…
NC: Emotet malware compromised Rockingham County Schools servers after employees opened phishing emails
This report was published December 28, 2017, but I’m first seeing it today. Joe Dexter reports on the devastation Rockingham County Schools experienced after employees fell for a phishing email. The only good news, perhaps, was that personal information did not appear to have been acquired or exfiltrated: All it took was several downloads of…