Employees of Ozark Orthopaedics fell for phishing scam exposing 15,000 patient’s data
https://ryortho.com/breaking/ozark-orthopaedics-data-breach-exposes-over-15000-patients/
Exploit: Phishing scam
Ozark Orthopaedics: Orthopedic healthcare practice
Risk to Small Business: 2.113 = Severe: Four employees fell for a phishing scam and gave hackers access to email accounts containing patient data. The scope of the data breach that occurred in late 2019 was just released by the healthcare provider, creating questions about the practice’s cybersecurity practices. As a result, patients were unable to quickly take steps to protect their identities and Ozark Orthopaedics has opened itself up to regulatory scrutiny that could result in substantial financial penalties.
Individual Risk: 1.775 = Severe: Patients’ personally identifiable information was exposed in the breach, including their names, treatment information, Medicare or Medicaid identification numbers, Social Security numbers, and financial account information. In the wrong hands, this information can be used in a litany of financial or identity-related crimes. Those impacted by the breach should immediately enroll in credit and identity monitoring services to secure their personal information.
Customers Impacted: 15,240
How it Could Affect Your Customers’ Business: More than a trillion phishing emails are sent each year, some of which will inevitably make their way into your employees’ inboxes. Training employees to spot these scams is especially important to protect your company from a devastating data breach.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
