United States: The personal information of approximately 47,000 people is now in danger after the login credentials of an employee were hacked during a phishing attack in February. The data has been recently shared by the Los Angeles County Department of Health Services.

Steps taken by health service:

Certain reports have claimed that the phishing attack took happened on February 6, 2024. The health service department has outlined that the impacted email accounts were disabled soon after the breach was discovered. Following this, the mails were also reset and the devices of the users were also re-imaged. The investigating team also brief that those websites were also blocked which were suspected to be a part of the phishing campaign.

The DHS has further mentioned that the workforce members are also regularly notified to remain vigilant while reviewing the emails. In addition to this, the officials have appealed to be extra cautious with the mails including links and attachments. The investigation into the matter is ongoing.

What kind of information can be hacked?

As per the preliminary information shared by the officials, the information that could be potentially compromised could be full name, date of birth, home address, email address, phone number, health insurance information, medical record number, social security number, government-issued ID, and some other medical information.

The Department of Health Services (DHS) is actively informing those impacted by the recent security breach via postal correspondence. For individuals lacking an available mailing address, DHS is also disseminating notifications through its official website to furnish pertinent information and resources. The department has apprised the U.S. Department of Health & Human Services’ Office for Civil Rights, along with other relevant authorities, as mandated by statutory and contractual obligations.

DHS has instituted a myriad of augmentations to fortify future defenses against analogous email incursions.

Although the department is unable to verify if any information has been illicitly accessed or exploited, individuals are urged to meticulously examine the content and veracity of their medical records in consultation with their healthcare providers.

To mitigate apprehensions post-incident, DHS has engaged the services of an identity monitoring agency to aid those affected, offering credit surveillance, fraud advisement, and identity theft remediation.

Along with this, the Department of Public Health of Los Angeles announced that during a phishing attack that also occurred in February, it hacked the login credentials of around 53 employees, which compromised the personal information of more than 200,000 people.

Was this article helpful?


Please enter your comment!
Please enter your name here