LA County Department of Health Phishing Attack Exposes Information of 14,591 Patients
Exploit: Phishing attack Los Angeles County Department of Health: Government agency responsible for overseeing health initiatives in Los Angeles County
Risk to Small Business: 1.555 = Severe: On March 28th, an employee at a third-party contractor opened a phishing email that gave hackers access to the company’s data, which included personally identifiable information from the Los Angeles Department of Health. Although the data was encrypted, the email account also contained the encryption keys, which functionally nullified this security feature. As the second-largest health system in the United States, the agency oversees many clinics and hospitals that could be impacted by this attack. Now, the Los Angeles County Department of Health is tasked with reinforcing its cybersecurity standards while they support their constituents who were harmed in the attack.
Individual Risk: 2.285 = Severe: The data breach exposed sensitive patient information, including names, addresses, dates of birth, medical record numbers, and Medi-Cal identification numbers. In addition, two patients had their Social Security numbers compromised. Although patients were not the target of the attack and authorities haven’t found evidence that their information is being misused, personally identifiable information can quickly make its way to the Dark Web where it can be used to perpetrate financial and identity crimes. Therefore, those impacted by the breach should enroll in the provided credit and identity monitoring services to ensure their data’s continued integrity.
Customers Impacted: 14,591 How it Could Affect Your Customers’ Business: Phishing attacks are an easy way for hackers to circumvent security standards by relying on employee ignorance and indifference to gain access to sensitive computer networks. Every organization can defend against these attacks by conducting awareness training with their employees. By equipping employees to identify and report phishing emails, organizations can effectively render these attacks ineffective.
Give us the opportunity to see things from your perspective
Get a business justified solution that fits your goals
Cost efficient IT that works!
Subscribe to our Bi-weekly Breach Report Newsletter
Sign up for Arnet Technologies Breach Report to receive updates on the most recent cybersecurity incidents affecting the business community. Read about the impact on the company, the risk to customer and company data, and the cybersecurity strategies that could help mitigate risk.
3 Essential Types Of Cyber Security Your Business Must HaveCLICK HERE!