Here’s another case where a 2016 phishing incident wasn’t detected until 2017: Ice Miller LLP represents Equian, LLC and its subsidiaries, including Nurse Audit, LLC (“collectively referred to herein as “Equian”). We are writing to notify you of a security incident involving the personal information of one (1) New Hampshire resident. On or about March…
Category: Phishing
Phishing attack potentially compromised 18,000 Gannett employees’ accounts
Elizabeth Weise reports: A phishing email attack potentially compromised the accounts of as many as 18,000 current and former employees of media company Gannett Co. As of Tuesday there was no indication of access to or acquisition of any sensitive personal data from employees’ accounts, said the company. Gannett Co. (GCI) is the owner of USA TODAY,…
TN: School board sued by employees over W-2 breach
Tipton County Schools was one of the first districts to reveal that an employee had fallen for a W-2 phishing scheme this year. Now the district is being sued by its employees, it seems. Courthouse News reports: Employees of a rural Tennessee county’s school system claim in a $19 million federal class-action lawsuit that their…
Iowa Veterans Home warns nearly 3,000 of data breach after phishing incident
In February 2017, Google and the State of Iowa were the target of multiple phishing email campaigns. The Office of the Chief Information Officer (OCIO) and the Iowa Veterans Home jointly responded and coordinated the recovery of the incident and worked together to implement additional measures to prevent a similar occurrence in the future. We…
Cleveland Metropolitan School District discloses phishing-related incident
Cleveland Metropolitan School District, (“CMSD”), recently discovered an event that that may affect the security of personal and financial information of a select group of employees, students, their guardians, and/or other affiliates of CMSD. What Happened? On March 6, 2017, CMSD determined that certain categories of employee, student, and/or guardian information contained in a limited…
Metro Community Provider Network settles HHS breach charges for $400,000 and corrective action plan
HHS announced another settlement today. This one stemmed from a 2011 incident that was previously covered on this site. Once again, the take-home message is that you need to do a risk assessment, and you need a risk management plan commensurate with your risk assessment. In this case, there was no prior risk assessment, and…