Ron Wilshire reports: Clarion University was notified of an email compromise that occurred because of a criminal phishing scam that compromised two email accounts in the registrar’s office. The unauthorized individual or individuals had access to the accounts between October 7 and October 10. “Clarion University is committed to data integrity and privacy protection,” said Communication Manager…
Category: Phishing
Sinai Health System notifies 11,350 patients after phishing incident
Ally Marotti reports: At least two employees at Sinai Health System had their email accounts compromised in a phishing incident, potentially affecting the information of 11,350 people. The seven-member hospital system said in a statement Thursday that it cannot confirm whether any patient information in the email accounts was viewed. However, there is a low…
Basic training in avoiding phishing is no longer sufficient
Oof. I read something like this notification below from Boise Cascade Company in Utah, and I wonder if the employees had been regularly trained in avoiding phishing attacks, or if it was just the case that the phishing was done so damned well that the employees fell for it despite their training. In this case,…
Baptist Health Louisville notifies 880 patients after phishing incident
Baptist Health Louisville in Kentucky recently notified 880 patients of a phishing incident. The incident was also reported to the U.S. Department of Health and Human Services. According to a substitute notice in response to the breach, on October 3, Baptist Health discovered that an employee’s email account credentials were obtained by an unauthorized third-party…
9,500 patients at the Medical College of Wisconsin notified of phishing incident
Guy Boulton reports: Confidential medical information or other personal data of 9,500 patients at the Medical College of Wisconsin was compromised by a targeted attack on the school’s email system in July, the Medical College said Friday. The compromised email accounts contained one or more of the following types of information: patients’ names, home addresses, dates…
UPMC Susquehanna notifies 1,200 patients of data breach
The Daily Item reports: UPMC Susquehanna has notified 1,200 patients treated at various UPMC Susquehanna locations that their personal information — including names, dates of birth, contact information and Social Security numbers — may have been inappropriately accessed. Read more on Daily Item. So far, it’s reading like a phishing incident.